yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request 'sshd: trust own ed25519 host key as a known host' (#3077) from push-opymuwrqqqvv into main

Browse Source 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3077
This commit is contained in:
Michael Hoang
2025-03-20 13:44:25 +00:00
parent 6ffbb43cb2 effcbaaa0f
commit 91dbf20cd5
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
clanModules/sshd/roles/server.nix
View File

@@ -37,6 +37,7 @@ in
type = "rsa"; type = "rsa";
}; };
}; };
clan.core.vars.generators.openssh = { clan.core.vars.generators.openssh = {
files."ssh.id_ed25519" = { }; files."ssh.id_ed25519" = { };
files."ssh.id_ed25519.pub".secret = false; files."ssh.id_ed25519.pub".secret = false;
@@ -50,6 +51,14 @@ in
''; '';
}; };
programs.ssh.knownHosts.clan-sshd-self-ed25519 = {
hostNames = [
"localhost"
config.networking.hostName
] ++ (lib.optional (config.networking.domain != null) cfg.fqdn);
publicKey = config.clan.core.vars.generators.openssh.files."ssh.id_ed25519.pub".value;
};
clan.core.vars.generators.openssh-rsa = lib.mkIf config.clan.sshd.hostKeys.rsa.enable { clan.core.vars.generators.openssh-rsa = lib.mkIf config.clan.sshd.hostKeys.rsa.enable {
files."ssh.id_rsa" = { }; files."ssh.id_rsa" = { };
files."ssh.id_rsa.pub".secret = false; files."ssh.id_rsa.pub".secret = false;