diff --git a/pkgs/ch-proxy/meson.build b/pkgs/ch-proxy/meson.build
index e3976a2..379f96f 100644
--- a/pkgs/ch-proxy/meson.build
+++ b/pkgs/ch-proxy/meson.build
@@ -1,3 +1,9 @@
 project('ch-proxy', 'c')
-executable('ch-proxy', 'proxy.c', install: true)
+pkg = import('pkgconfig')
+
+sendfd = library('sendfd', [ 'sendfd.c', 'sendfd.h' ], install: true)
+pkg.generate(sendfd)
+install_headers('sendfd.h')
+
+executable('ch-proxy', 'proxy.c', link_with: [sendfd], install: true)
diff --git a/pkgs/ch-proxy/package.nix b/pkgs/ch-proxy/package.nix
index 9fd3b21..e94eec8 100644
--- a/pkgs/ch-proxy/package.nix
+++ b/pkgs/ch-proxy/package.nix
@@ -8,6 +8,7 @@ stdenv.mkDerivation {
 pname = "ch-proxy";
 version = "0.0.0";
+ outputs = [ "out" "lib" ];
 nativeBuildInputs = [
 meson
 ninja
@@ -19,6 +20,8 @@ stdenv.mkDerivation {
 fs.toSource {
 fileset = fs.unions [
 ./proxy.c
+ ./sendfd.c
+ ./sendfd.h
 ./meson.build
 ];
 root = ./.;
diff --git a/pkgs/ch-proxy/proxy.c b/pkgs/ch-proxy/proxy.c
index ed1dea0..46730e6 100644
--- a/pkgs/ch-proxy/proxy.c
+++ b/pkgs/ch-proxy/proxy.c
@@ -9,9 +9,9 @@
 #include
-struct msghdr mk_msghdr();
+#include "sendfd.h"
+
 int ch_connect(const char*, const char*);
-ssize_t send_fd(int, int);
 #define _WRITE_CONFIRM(fd, buf, buflen) {if (write((fd), (buf), (buflen)) != (buflen)) { perror("ch-proxy/write/partial write"); exit(EXIT_FAILURE); }}
@@ -168,19 +168,13 @@ int main(int argc, char** argv) {
 exit(EXIT_FAILURE);
 }
- if (send_fd(1, s) == -1) {
+ if (send_fd(1, s, NULL) == -1) {
 perror("ssh-vsock-proxy/main/send_fd");
 return EXIT_FAILURE;
 }
 return 0;
 }
-struct msghdr mk_msghdr() {
- struct msghdr msg;
- memset(&msg, 0, sizeof(msg));
-
- return msg;
-}
 int ch_connect(const char *path, const char *port) {
 int s = socket(AF_UNIX, SOCK_STREAM, 0);
@@ -212,38 +206,3 @@ int ch_connect(const char *path, const char *port) {
 return s;
 }
-
-ssize_t send_fd(int dst_fd, int fd) {
- struct msghdr msg = mk_msghdr();
-
- /* openssh expects to receive a dummy length=1 iovec? */
- char ch;
- struct iovec vec;
- vec.iov_base = &ch;
- vec.iov_len = 1;
- msg.msg_iov = &vec;
- msg.msg_iovlen = 1;
-
- union {
- struct cmsghdr align;
- char buf[CMSG_SPACE(sizeof(int))];
- } u;
-
- msg.msg_control = u.buf;
- msg.msg_controllen = sizeof(u.buf);
-
- struct cmsghdr *cmptr;
- cmptr = CMSG_FIRSTHDR(&msg);
-
- if (cmptr == NULL) {
- fprintf(stderr, "ch-proxy/send_fd/CMSG_FIRSTHDR: failed to initialize msg_control\n");
- exit(EXIT_FAILURE);
- }
-
- cmptr->cmsg_len = CMSG_LEN(sizeof(int));
- cmptr->cmsg_level = SOL_SOCKET;
- cmptr->cmsg_type = SCM_RIGHTS;
- *((int*) CMSG_DATA(cmptr)) = fd;
-
- return (sendmsg(dst_fd, &msg, 0));
-}
diff --git a/pkgs/ch-proxy/sendfd.c b/pkgs/ch-proxy/sendfd.c
new file mode 100644
index 0000000..c649316
--- /dev/null
+++ b/pkgs/ch-proxy/sendfd.c
@@ -0,0 +1,38 @@
+#include "sendfd.h"
+#include "sys/socket.h" /* cmsghdr */
+#include "stdio.h" /* perror */
+
+
+ssize_t send_fd(int dst_fd, int fd, const struct iovec *iov) {
+ struct msghdr msg = { 0 };
+
+ /* openssh expects to receive a dummy length=1 iovec? */
+ char ch = 0;
+ struct iovec vecDefault = { 0 };
+ vecDefault.iov_base = &ch;
+ vecDefault.iov_len = 1;
+ msg.msg_iov = iov == NULL ? &vecDefault : iov;
+ msg.msg_iovlen = 1;
+
+ union {
+ struct cmsghdr align;
+ char buf[CMSG_SPACE(sizeof(int))];
+ } u;
+
+ msg.msg_control = u.buf;
+ msg.msg_controllen = sizeof(u.buf);
+
+ struct cmsghdr *cmptr;
+ cmptr = CMSG_FIRSTHDR(&msg);
+
+ if (cmptr == NULL) {
+ perror("ch-proxy/send_fd/CMSG_FIRSTHDR: failed to initialize msg_control\n");
+ }
+
+ cmptr->cmsg_len = CMSG_LEN(sizeof(int));
+ cmptr->cmsg_level = SOL_SOCKET;
+ cmptr->cmsg_type = SCM_RIGHTS;
+ *((int*) CMSG_DATA(cmptr)) = fd;
+
+ return (sendmsg(dst_fd, &msg, 0));
+}
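Review bot: In sendfd.c the `if (cmptr == NULL)` branch now only calls perror() and then falls through to `cmptr->cmsg_len = CMSG_LEN(sizeof(int));`, so a NULL result from CMSG_FIRSTHDR is dereferenced; the version removed from proxy.c exited at this point. Because send_fd is now an installed library function, reporting and returning an error fits better than exiting: `fprintf(stderr, "ch-proxy/send_fd/CMSG_FIRSTHDR: failed to initialize msg_control\n"); return -1;` (perror also appends an errno string that CMSG_FIRSTHDR does not set, and the message already ends in a newline). Separately, `msg.msg_iov = iov == NULL ? &vecDefault : iov;` assigns a `const struct iovec *` to the non-const `msg_iov` member, which discards the qualifier and needs an explicit cast such as `(struct iovec *)iov` to compile cleanly.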
diff --git a/pkgs/ch-proxy/sendfd.h b/pkgs/ch-proxy/sendfd.h
index 65042d8..8c99389 100644
--- a/pkgs/ch-proxy/sendfd.h
+++ b/pkgs/ch-proxy/sendfd.h
@@ -1,9 +1,11 @@
 #ifndef _CH_PROXY_SENFD
 #define _CH_PROXY_SENFD
-#include
+#include /* size_t */
+#include /* ssize_t */
+#include /* iovec */
-ssize_t send_fd(int dst_fd, int fd);
+ssize_t send_fd(int dst_fd, int fd, const struct iovec *);
-#endif _CH_PROXY_SENFD
+#endif /* _CH_PROXY_SENFD */
diff --git a/profiles/uvms-guest.nix b/profiles/uvms-guest.nix
index e8c307d..281f343 100644
--- a/profiles/uvms-guest.nix
+++ b/profiles/uvms-guest.nix
@@ -41,6 +41,7 @@ in
 volumes = [
 {
 image = "swapfile.img";
+ serial = "swapfiles";
 mountPoint = "/var/swapfiles";
 size = 1024;
 }
diff --git a/profiles/uvms-users.nix b/profiles/uvms-users.nix
index e75ac8f..e7bbacf 100644
--- a/profiles/uvms-users.nix
+++ b/profiles/uvms-users.nix
@@ -29,7 +29,6 @@ in
 };
 config = mergeIf cfg.enable [
 {
- services.getty.autologinUser = "user";
 security.sudo.wheelNeedsPassword = false;
 users.mutableUsers = false;
 users.users.user = {
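Review bot: The new prototype in sendfd.h leaves its third parameter unnamed and undocumented, although meson.build now installs this header for other callers via `install_headers('sendfd.h')`. sendfd.c fixes `msg_iovlen = 1` and substitutes a one-byte dummy when the pointer is NULL, so I would name the parameter and state that contract: `ssize_t send_fd(int dst_fd, int fd, const struct iovec *iov);` preceded by `/* Send fd over dst_fd as SCM_RIGHTS; iov is NULL (one dummy byte is sent) or points to exactly one iovec; returns sendmsg()'s result. */`. The guard name `_CH_PROXY_SENFD` begins with an underscore followed by an uppercase letter, which C reserves for the implementation; a name such as `CH_PROXY_SENDFD_H` avoids that.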