sshd: trust own ed25519 host key as a known host

Michael Hoang
2025-03-20 17:04:12 +09:00
parent 6ffbb43cb2
commit effcbaaa0f


@@ -37,6 +37,7 @@ in
type = "rsa";
};
};
clan.core.vars.generators.openssh = {
files."ssh.id_ed25519" = { };
files."ssh.id_ed25519.pub".secret = false;
@@ -50,6 +51,14 @@ in
'';
};
programs.ssh.knownHosts.clan-sshd-self-ed25519 = {
hostNames = [
"localhost"
config.networking.hostName
] ++ (lib.optional (config.networking.domain != null) cfg.fqdn);
publicKey = config.clan.core.vars.generators.openssh.files."ssh.id_ed25519.pub".value;
};
clan.core.vars.generators.openssh-rsa = lib.mkIf config.clan.sshd.hostKeys.rsa.enable {
files."ssh.id_rsa" = { };
files."ssh.id_rsa.pub".secret = false;
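Review bot: In the new `clan-sshd-self-ed25519` entry, the `hostNames` list guards on `config.networking.domain != null` but takes the name from `cfg.fqdn`, and `cfg` is bound outside this hunk, so a reader cannot confirm that the guard and the value come from the same option set. If `cfg` is not `config.networking`, write it as `lib.optional (config.networking.domain != null) config.networking.fqdn` so the null check clearly protects the read. The list pins names only, so a connection to `127.0.0.1` or `::1` would not match this entry and would still go through the usual unknown-host handling; if that is intended, a comment such as `# names only: loopback IP literals are deliberately not pinned` would record it. A short comment above the attribute saying that the pinned key is the generator's `ssh.id_ed25519.pub` value, and that regenerating it changes what every client on this host trusts, would also help whoever rotates host keys later.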