Emma Thorpe
dddf97f3ad
CI / flake (pull_request) Successful in 2m7s
The NixOS-WSL store is a read-only VHD whose files are owned by nobody (65534), not root. programs.ssh.systemd-ssh-proxy.enable (default true) adds `Include <systemd>/lib/systemd/ssh_config.d/20-systemd-ssh-proxy.conf` to /etc/ssh/ssh_config. OpenSSH permission-checks Include'd config files and rejects any not owned by root or the caller, so the nobody-owned include fails with "Bad owner or permissions" and breaks ssh/git for every command. Disable it on the WSL host: the proxy plugin only serves `ssh unix/…` / `vsock` connections to local machined VMs, which WSL does not use. Other hosts keep the default (root-owned store, include works). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>