diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2023-03-20 12:27:50 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2023-03-20 12:27:50 +0100 |
commit | c12c26730f5be240844684cfeff6b9e8b1c7348b (patch) | |
tree | c63c8485a2c8f00899bc1a7aed93cdac7c7d46e5 | |
parent | e24249d67d1a8b899661d4b42294a0ce675cddea (diff) | |
download | nixos-c12c26730f5be240844684cfeff6b9e8b1c7348b.tar nixos-c12c26730f5be240844684cfeff6b9e8b1c7348b.tar.gz nixos-c12c26730f5be240844684cfeff6b9e8b1c7348b.tar.bz2 nixos-c12c26730f5be240844684cfeff6b9e8b1c7348b.tar.xz nixos-c12c26730f5be240844684cfeff6b9e8b1c7348b.zip |
...
-rw-r--r-- | system-profiles/openssh/default.nix | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/system-profiles/openssh/default.nix b/system-profiles/openssh/default.nix index f81880cc..0e88ffb7 100644 --- a/system-profiles/openssh/default.nix +++ b/system-profiles/openssh/default.nix | |||
@@ -75,11 +75,11 @@ in { | |||
75 | KbdInteractiveAuthentication = mkDefault false; | 75 | KbdInteractiveAuthentication = mkDefault false; |
76 | }; | 76 | }; |
77 | moduliFile = mkIf (config.sops.secrets ? "ssh_moduli") "/run/credentials/sshd.service/ssh_moduli"; | 77 | moduliFile = mkIf (config.sops.secrets ? "ssh_moduli") "/run/credentials/sshd.service/ssh_moduli"; |
78 | extraConfig = '' | 78 | extraConfig = optionalString cfg.staticHostKeys '' |
79 | ${optionalString cfg.staticHostKeys "HostKey /run/credentials/sshd.service/ssh_host_ed25519_key"} | 79 | HostKey /run/credentials/sshd.service/ssh_host_ed25519_key |
80 | ${optionalString cfg.staticHostKeys "HostCertificate ${./known-hosts + "/${hostName}/ed25519.pub"}"} | 80 | HostCertificate ${./known-hosts + "/${hostName}/ed25519.pub"} |
81 | ${optionalString cfg.staticHostKeys "HostKey /run/credentials/sshd.service/ssh_host_rsa_key"} | 81 | HostKey /run/credentials/sshd.service/ssh_host_rsa_key |
82 | ${optionalString cfg.staticHostKeys "HostCertificate ${./known-hosts + "/${hostName}/rsa-cert.pub"}"} | 82 | HostCertificate ${./known-hosts + "/${hostName}/rsa-cert.pub"} |
83 | ''; | 83 | ''; |
84 | }; | 84 | }; |
85 | 85 | ||