diff options
Diffstat (limited to 'system-profiles/openssh')
-rw-r--r-- | system-profiles/openssh/default.nix | 41 | ||||
-rw-r--r-- | system-profiles/openssh/host-keys/sif.yaml | 34 | ||||
-rw-r--r-- | system-profiles/openssh/host-keys/surtr.yaml | 37 | ||||
-rw-r--r-- | system-profiles/openssh/known-hosts/sif.nix | 16 | ||||
-rw-r--r-- | system-profiles/openssh/known-hosts/surtr.nix | 28 | ||||
-rw-r--r-- | system-profiles/openssh/known-hosts/ymir.nix | 16 |
6 files changed, 172 insertions, 0 deletions
diff --git a/system-profiles/openssh/default.nix b/system-profiles/openssh/default.nix new file mode 100644 index 00000000..09ff58f7 --- /dev/null +++ b/system-profiles/openssh/default.nix | |||
@@ -0,0 +1,41 @@ | |||
1 | { customUtils, lib, config, hostName, pkgs, ... }: | ||
2 | { | ||
3 | config = { | ||
4 | programs.ssh.knownHosts = lib.zipAttrsWith (_name: values: builtins.head values) (lib.mapAttrsToList (name: lib.mapAttrs' (type: value: lib.nameValuePair "${name}-${type}" value)) (customUtils.nixImport { dir = ./known-hosts; })); | ||
5 | |||
6 | systemd.user.services."ssh-agent".enable = lib.mkForce false; # ssh-agent should be done via home-manager | ||
7 | |||
8 | services.openssh = lib.mkIf config.services.openssh.enable { | ||
9 | hostKeys = [ | ||
10 | { path = "/etc/ssh/ssh_host_rsa_key"; | ||
11 | type = "rsa"; | ||
12 | } | ||
13 | { path = "/etc/ssh/ssh_host_ed25519_key"; | ||
14 | type = "ed25519"; | ||
15 | } | ||
16 | ]; | ||
17 | }; | ||
18 | |||
19 | sops.secrets = lib.mkIf config.services.openssh.enable { | ||
20 | ssh_host_rsa_key = { | ||
21 | key = "rsa"; | ||
22 | path = "/etc/ssh/ssh_host_rsa_key"; | ||
23 | sopsFile = ./host-keys + "/${hostName}.yaml"; | ||
24 | }; | ||
25 | ssh_host_ed25519_key = { | ||
26 | key = "ed25519"; | ||
27 | path = "/etc/ssh/ssh_host_ed25519_key"; | ||
28 | sopsFile = ./host-keys + "/${hostName}.yaml"; | ||
29 | }; | ||
30 | }; | ||
31 | |||
32 | environment.etc = lib.mkIf config.services.openssh.enable { | ||
33 | "ssh/ssh_host_rsa_key.pub".text = config.services.openssh.knownHosts."${hostName}-rsa".publicKey; | ||
34 | "ssh/ssh_host_ed25519_key.pub".text = config.services.openssh.knownHosts."${hostName}-ed25519".publicKey; | ||
35 | }; | ||
36 | |||
37 | environment.systemPackages = lib.mkIf config.services.openssh.enable (with pkgs; [ | ||
38 | rxvt_unicode.terminfo alacritty.terminfo | ||
39 | ]); | ||
40 | }; | ||
41 | } | ||
diff --git a/system-profiles/openssh/host-keys/sif.yaml b/system-profiles/openssh/host-keys/sif.yaml new file mode 100644 index 00000000..ddef6dd5 --- /dev/null +++ b/system-profiles/openssh/host-keys/sif.yaml | |||
@@ -0,0 +1,34 @@ | |||
1 | ed25519: ENC[AES256_GCM,data:R7Ejs0DrCJOtEquvxuPCpwrOvV1xwCRtSMgzt7H6Dbv5z3zp94Ei8WKRPfju9dSz/4etHa1FV+1Zy7pAExWOOLU6qvaj4ZQa1FEMnJH76SN974D0hp2TON1l7QS/uRfopJJ0vnzITeCmeQcvvv0Rdz7ZUmyfPv8e76/k3h7FsGndu4wEkVg1/0a+E2dNST+/cp+l8RjXljYTiVLAByaMNz1XoK6wupef40Ce11zAGSmJS57gCwmc2yyq01sgnwex1TeDi+Pd43dTR/21n7AssqnpZGsSqpC4+RzHnxP3YGHN1dLTjHZ5fWW+zEHJZ/lG2eW4Gful+TnQ3fw2SHCjW/9BxpCjzo8GAByuJEr569fRXXAiDnmLG8GXGCpQDgSpjdkL4bFEDs0Uss3ydJEmwL3DaNkr/SHUyovwE2k5KnfIt6v0uEH+HsDSPRQpVoOgn7q3GgDmqwADfGt8MStdFVo3el/s6Rs+Q6r/ukYYu+Mon7Akv7HPGAnHDBSGOPBwy/a5Di3AA0TH/CHCmNdv,iv:HD2JAEUDz5BvZDOMAxb83UjoGZBewdePfSktD5Vh7qw=,tag:CIcXaGYLFeJrp+AU3dpStQ==,type:str] | ||
2 | rsa: ENC[AES256_GCM,data:48rCmH0Id6ACaz4oGNfb72sIhfP5P8flVU4DniyTnRbaS98CIg9B3Utj7kZQYwFOOT/esQY7o/82udh8vW2j3D5eF6HfJPZa6ata5SV5b0HIZd+HMNEz2eo4FQ+ev5JWRA0I0FlYMYM/3+w855d2qolHc+voQf/+g4edlU460hx9rbhyn4injrGFdK/AxCNUwB1YXSB+UzRAV3p3U6IXd4ULQydWjJnm5lePZdBEa2q5ZKggFUVoF59fCrKPuxoRuiQTFB9UX2cRxS/MDp70m76NuxP93wGNFRfqWsVxZW7d5WH42ifLYTpIdnB0nRV4VcYdZbVxSTH2/CdRTrQ+BXut4pEsrxq91k6H3EM1FhYYDYTO+fOoKhpe/uidBTuqf3m2A7pM4zdZoTfT/0dcOxIDbtDl+2xfZEiXwXPEsoPAzLcnA23CasY0rc3I+xFgI2yIa+DFUXTiwOuqMbTRooacYVGWa5UsYO0JztizNNgp+GApxBu5fco3J2TVVBIaOpoeRZsX3BlT/8NdR3DBw00ERdj3UVBOUCNV9s++3BfnQgXDdSk/FJ0otrgXQgYxiUN6jbldP+vxt/b4S+tALu7iVApjS0UHP76zvnYotcW57UCX0Gpf9zJc2jPjxGmtIkenVSNB9ZufRg0zvGQ1qN6Ct3j/U2Ka/mfs5AE8PXYC6wFxqlOB5P5OdmVXF9srtnTirgeWbsA4Jeg+OvwAq9DbIvKDDHk0miVMu7JRsPsuCpGjgA1hHHunqFJ6vwKwKvF9k1kCmd61Kgj5MuF4BDnfRC4V22g84eO0ojJH2vU8vzjF9k5MA5zznGYgojZAtQnCXcC3k9CFbPjJE8fqk4fJ3kKoZZy+M3d4rn7JY4HZfjVs2iHZtQv7CskAi9JSULPCEirRsMnzm7jvKVUm0viS4E8dWeUoEDtMnZ1PU/IeWxlJua9hkzWmH3HqigmUq22SBTVJeb24KXyLJcvaeOsoQMOwmdJm7VUYqM8h9L8iomFf1bbExgfmhN20ACCs39sgW6wrW3ODmW85BiC/QkdApxEk65fjL+T23fN1KbXf9la/xz2FCXGUdgKMjUc+HdCtOB7VgvIehfRKodgq4l9E0zIkukT+4RdHiEA0GVga9sesLsLVtgM0UzBca7Sx9NSxEjRNrOxABohu30WPaFHoIOGg+szpD3GOGI4EpmwPK3NEjfG/RTG0ncTf910Shr9OTO69DUcoN9RVR/j6Kq7+WG9G9KxiSn2Qa0F5KFj+Pq5oIPIvGR4YkMPAvlWvvXtfTwweLr8OsNpd716WKap75iykjleeE7qGWPiFtyaiBn98VzZ9e85I8gPVCZcDTtMNXxATYDd1q0yzKV87dOL2SuzC1a2t8htb3lQuugemSfXcoLlYTdZloCClb63oLbLkDtmfd3WCpUFFlYSIxbnamixqdeLeiSL7FwkF/QpUhw0ILm+EQrZGiQ+JcOyPiiJQTDmtcAS6LbprHmapMeQCMtP3/Jk6WdfN5Jhj0x7feVJfATIoLPx0aqox7ekbU4aSzZ/8qjxlMqBcsHUEKfKCoZdVOwuklEKPhPJzGAyom/FNIVrU4EjSxcPtotMP/munJ1BWHFL5UJWPoTAZHz3Ywt50e9Fpwz9coo5NbPhRtFqVs4bOeFqJb1kq6/gPMY7J57+QSetcbBJvwVzCBsQSHoUHgvnIn7kAwM8QbfpilKZd5McL6AiGUtQbAgalXtptnnI/U59IJ8ILkdffQioM0PmzXRdTcSpe6pS6M60stQPwFE4Z9+LHr5LBuuM34YkCq1jd4EMWti+KbEFzipvdAfCYLVdacCqPXzEg3mZ00A/xCXkKk4GDpOIbC3u2T6d5UyIY6b5aX1ZJEbTa1ndVU41+Rt5z0x8tuJkqNVRK8VJ2aVqc8t+o7Ga9IRV9YcIPtDWYcVRt6zTz+DqFEmTRrnBO0AwXdT+eGrMn6X3Nj+DIjPf2B5Nve/98PyRZDRlXkcAKe5FLrVqh1d888MX7pfH+BK8I4kmFokqitxKMw63aeakjpotgN1jUdMtZR9weo6pp4TCStQwlRA41fMLgjxiiZquiajxz1zTlYKr2CVpaw6fDLkBvUw44+ZNHHn75O1/lCuT6MmK9Bu1TwsNsNd4JQSpeY0KHF6VZM0EaS3rIsnZz61X02fdpmo6Nw0mFtB4AidghSI1l+tKVVMnYJqB48eU0w+PHhdkWsi6F3Agp4L4043tWr1o4+WGBnOnx0/rNUEEu30Dtwsty0V87k1c5GRo8PKnzSHtis+QaDOL+xSIVMhsFOcuLV+VhVm84NWjgpKcCb++NInR2BbAwNRBArdIaOfQVw/HlkfnAJNWmOr6y8db1PEPNQVPVflb8bfMsZjZpBy6w1JN2Y15ZL7L0tltyUyDomT3IfMURpIW6OoyaIQS+T6NAkqq0bOllnkRnBziTNae57zl/iNg4AlWtq0NRSed0ls7Dr3yYe5Y+JvGmuW+HEA1r1/Yp9ZYQrhAc6qmAZU4+XuOgANr/4tRFA2091M05+Ow0QMquZr5odLlSyVxDU+5P/+lxb4U2ltLg/lcDeTT7qJZt3vqNVRaWg+864uUO5GFtq56x+egmYpXrgGtIRjABA6oxEHRH8RENeVMIpriv0KQ0WrGvlCnZYOMkydN1YBIX9B5gXZQBDzN3POKyo7KiBtcyMi+iOkH15AaB6G5yZymckAsfVzA/VPi/M115vjOtcqK/yyYbKpzF5ZybRlDlwsWww8aymN5i9b6q0ZI1iQoV/8P8lnal1ziYABr1s30ZqYByZ3PS1OIg6Qc/UtFT8C0OhtBPtwPEy/Xalvtqhl8/9y4Yuv6D5MNCwbL5oQ2JafEaFCOslGklg0ORCwgF+Ho5ZcZPB1tK2c424wde+KBDrBDfDrrCrYoxpeuvpFoRyy0DF3xh+25OkBfxb7+VXQxn3wXDBR7Yr1tuBLQUlbiZ0d4uPj9Pw7RA4UQTMXCRfmUiHP2nTdCbBg41M/5Cx6xaOzXJPOrkvsCZnXvNpc7+nkynsHYMqOuuWuuedh4WMU7YEPZt4CasJ5iofrhjzJNI5G5+rTMwaLTNA5AM2hi9DPqvFOaRUv/noYlTxtBT3LzUfgprPYnCKQd4j+6wO/bfbrlQq8WFH+RwFw4W0eMTJRFYFF2ctX0HOi9TOyTTHh/4l/mzTi4OaeFi5GsboDeczeh4acQCt5IjJih4qRnB7fdQy7PF8ccNuGvKWpN2mnDZJnoCrjbX8ihwzePzYPkUQ/ZKUI4KWVuixiis8b+CH0p92/dSOzGvP2MeQVMwRMpqk2EZdj3oE/gYG7RvfgM12N5ZLAUACczbwS17rquSwgznojewY+g/8oTolY81w4P/hPqX6FhWVeeZZaBJVKVDJSm4Aqp67FSYtoOHkEsOROtqklA7JVourGOgU6DfHlaSGGU6khAPv0smaYgi7+8tztNHoaaGSrtWU5+fxEzfD+NrOLm6Wz+ZZNvxWMMwrwkdeYqSc1tJACNo6CDtN/Tx+ZZCVVE+O+Qi5HFHx13c/ChQhRVMCha0VS8sYMokcZ5H2FLFLApOpwYLLFAiNwWr18PxRf3830xRwSM5bbASl9XLz2xxrbzpApDz5EDvvWJ/lPqnxYxVKCY9cEmDLuRtpEezTUpC8t6LqxhkqCTGiHjto668Mx8OTCDI8ys/D2qOFojbDyYIzl3l+AiVucXHXUrOkPJhhiOufiR6rks5UYqC6Mffb14e8JAY4IGsszmPqVY0hFS9AWp/aHuQ61stnMmhNxUw11fCDuUd4R+NvQlWSmN4Nyv0JmC6rHaa+Y/FEIQTCmFRiutTX+0nLPwJYKx+oQYklRDZ1DLtqMcF7PPUZGSFnZGGLN6UxoDhmrwz6NYwn+bBViL6iWFIgLbpRme/3TFBplDVIDUsSmbqsiysOmtzjw3y4YgiYmlZoEc//WK109KVrQUDSKKpjCMki6wsJ+27v5rlvhyBrG8QMUqWtTTB7Xu63iRrlASXcLk8Y99ehrxw/R3bjyXu5jHe0sowoKATerpiukBIOBTzPyFWQp/8MG6wWTzDM+HyGrAoCnkC3RanF56ldyqBzbqMbBIOx+fRWWuUl27YTwWLaPoZbO/+kgwzmguUj+bfqxExa4OTiMamLoZQh3LfIIJhQMd6MR1SDpRNg6D4YI7ftzrgQIe/CjjlWAfzkgeaPLx7Qeer0Te7wdJymWnQs5NBNAdWGcBgAS7/h4JZPBaqvd8KYPl2cg0Mv9k6+ogExv8YAz25rRPaJB1pKbhB5bkNIBRbUzCUhD3nk5uumvgKS0p6qn8hcD1CqEPt+ZH2CemlP5wjt9aHxplVZgG5vFZX0SREGDTSKwQoUbig1cHmRMOkO7vgS3B8eB7/J1UK3QeQe6roQSM80kbcLYH2flUmqQluGO1ZZDUttlp0ACP2lwlaBysp4X3KYPIwiHf1mXH/EQqgt305FNiKynDV6or7VWYQe5CXvTGg,iv:X57Ayvq6r0m1SGeVrBH8WCZ7TihobLLhy7spX4NIly8=,tag:caDTP5SwuWJAWGpwr9x0eQ==,type:str] | ||
3 | sops: | ||
4 | kms: [] | ||
5 | gcp_kms: [] | ||
6 | azure_kv: [] | ||
7 | hc_vault: [] | ||
8 | lastmodified: '2021-01-02T19:05:26Z' | ||
9 | mac: ENC[AES256_GCM,data:yJGzs0W0R+b6WPkUaQc9cxeTBBEXot0ffUAG77Of88kREFsD5ams9qEDCs8LhPhMtLSH5L8bqMLF28n2w6d9gf41NDBl/oj+XTJE26c4D+MWF2A0fqTvwv1l3524TfavVU8iur0bCbytNfcHSZ3zCQAYElswOGupO+K0Y3hwKKI=,iv:jHSgQV6Jg2Yckp8G0Z23Ny74ZQxZ/+C/neXKrEWUVak=,tag:DhOr2cVhIq8i4JAO+fdXxA==,type:str] | ||
10 | pgp: | ||
11 | - created_at: '2021-01-02T19:04:29Z' | ||
12 | enc: | | ||
13 | -----BEGIN PGP MESSAGE----- | ||
14 | |||
15 | hF4Dgwm4NZSaLAcSAQdArkswGx9w0Rbfp1N89qALAbPMhboirsnlNvms/FomXiUw | ||
16 | taW9n4oEJ5oW2UYzNNn72SwF1jYbrqczAbxt3dM9PSz1gHFoh+ZJhGokVFJvJ7sO | ||
17 | 0l4BEOkWmL/9uyOiCq574nH6OxxTPu9C4GNU8lv/Z/qJ+oAocJkGknsIJzd8M5ax | ||
18 | Fo/HqAGGfvnH3RI5FO3tTxfAKlfxlO2MJ2lsCypJuez5WewPnaTPjTbogjhzG2aQ | ||
19 | =HXLp | ||
20 | -----END PGP MESSAGE----- | ||
21 | fp: F1AF20B9511B63F681A14E8D51AEFBCD1DEF68F8 | ||
22 | - created_at: '2021-01-02T19:04:29Z' | ||
23 | enc: | | ||
24 | -----BEGIN PGP MESSAGE----- | ||
25 | |||
26 | hF4DXxoViZlp6dISAQdAUSTwFAciB+Yh2IieFoN/xmQd+GU/g+cuKej6cZk78TUw | ||
27 | ETM8c1TSovML5q9usUX0pl/AbRBwp2In47RMkTn4Mul1XxJuXhgCnrc5swwYrS+h | ||
28 | 0l4BOxJ3bF/yYyKfGrmc/mNe51sdHH+fgQ9IXaQhcopw4kyZqvBXhJF/oP/mhnOL | ||
29 | VMhsfg50ol1XmXVefyo5JPedbzABm3vRZv9U+/zvKNJxIro2hWchd5CxvzN4l/MR | ||
30 | =30r5 | ||
31 | -----END PGP MESSAGE----- | ||
32 | fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51 | ||
33 | unencrypted_suffix: _unencrypted | ||
34 | version: 3.6.1 | ||
diff --git a/system-profiles/openssh/host-keys/surtr.yaml b/system-profiles/openssh/host-keys/surtr.yaml new file mode 100644 index 00000000..d31fda3c --- /dev/null +++ b/system-profiles/openssh/host-keys/surtr.yaml | |||
@@ -0,0 +1,37 @@ | |||
1 | dsa: ENC[AES256_GCM,data:+2nv7zqZ47EhQnZ5x8no5J/0r1iWgmSxBMkiYig18JgdZa77lj9y05EubUlELJlGcqcQMD97xFKQdU9BRMGn2Bq0IeK3nBoENkDEp7ksmn6c+hh2GVCDDk5sQnNl1yQB0bo7TEHRddJe+xbAWZ2LGFRyc+ApBWCtqBnQ12+58dY2VarcogT0tNPaga76Mz6K31V6g9PAhiEL9hFl8F3p/ptgsdIArX6xI6+g/tRkE056EuPsqiAXbMagm2dBQOEUiicUEqpgMvnLhlre3FkRWWotrGtGsB0Sum4BY1mrTxaXJf/J5kt4DrPconjooSkzQPImTPtO1cXIHmmAWiQIOJ6xon3dXB2pq4KpWs4wVZ1a2OMXrgAkUCDsYwNQiyv85YREaMvo7J1nfbrP2VRRdPcP3XgbwXkcqzt0r9LYq17bYHxJmhrP9Si7wCwBkCkGxgyLhMTmXQjKairqRqM+5lnHa44bQ2AhMmq4iKCkSJo7fUXOdDNX0n61PFJSOT/UVsHiVDlqcpcSm/GcARcObdVWmXvjw81pmMTjMlAmLupU5yPiWTZr5lMTG42hDO1Yjq9fuA6tN+Op9duVaWc6YiA7qDSTEpGtGmb4wObAgelCfuUTTo+Wp77lqTAeL2eGfuSAKDMb6z3NfCpSpgvJMWhGJtqJfKd2Cu87P06UUgmnyyjVazVTUWmT/ALX6rosUmGChbx5SSQ8tin/jQdIoq4Qs3hR+7AtBil7DF9fpUfHy8OmP/BKbgihuZa1+n9fyiLnw4QfKGFWmmoh06upSrAu3fYofVe1iYuZUUTP/NNUxn/JxbYn2OrQ9PY7GVcFdRBtyU+R8aQ/bawlcwnaIIQOA04iip1P5tgQ8CWCzuHFyP+d9Eun9oD6wPvSoNWXAftochNU6Ol8MQ8ESe22hrO19TrirgxEGwOTVFVLIV1kLlRZ+eCcY3HI/Mq9hnu9KndrMcLsPnjPyzsPo/CmeIOxryT1lY+LKU2mJT0pLq4j1Mt3QrjOuruM4fSYrS5DdDWTXP1Gk5GiULyd12RQFQVznRlYMy6BcSUmRgTWezX+o0dt18aJGNsm0UpS3yjL8BQpatpxq8LxCp9pNhuIyfF3HyjyNeTX1be60XmblYPr+w6OK8sV83p7TTGYVe9xzp0HC87+SBRTWN6SUCkmVrdhzbEBaDZG1a5Ldvar1QbAZF8riUMHnGarh2ZX6Gv2acsnMV5qb8t/HlK3rCKtYk27ok8ENFQqNIpMvVtoxKNPLNBRMNz8KG77fSnYoGmDFVlY82mrDBqvfbHbZgd3wb6WO3xu0KYY8Vc+ymcFromXBxYOhliNAHxYWNRJPfbXEqGRmA2/P5H0yWPdqL29JLX7SeW6+xzWUY5LWDSHBd2qTl8FdWIddAl8jBs2IiNUIGAUayNLNCSjgbVXOsdk8Hx9aQs5RmwFzXX+jBCeYRXdkN5HLFP8o+9hkWbBv4vIRrJxrRvRAVEoP55ZLhFZakrQ52NQwA2Z2SlFnMgSbs9jzDuMRjhX6kkuiE4DdbCkEfkhaqWDY46PGpfhNJ1LTWJZjTLuwvSwb6toyhEzRdpZGHX9ZCGR39h8GtLD/NVvYx4+8rgvWEah8Aizh5PtmjxJD03dQBuFSpnniuxYyEzRiQPK0QcvDerBRzUFC45CCBOdvbf2EcaQygkRCyoAC4hQ5KE/0sWKlotg0zOtwh3Yd+yts4AA4Hmf8Mx3i4hTlG90hVccdPULr9M613V9VmD95+Vz1ugxM5QwTvMvqNh4WI86hX4RfpgulxVYrQOAKZjgTlGnUNu3wZK7X8P9PGOCt/QkfXIXMA==,iv:+x4eD9lw/b2GvLV8Wsp+UZY+lqCN1oknXCbTGwnQNqU=,tag:pU67QbCxEmUc/mT1gzTTsQ==,type:str] | ||
2 | ecdsa: ENC[AES256_GCM,data:obC22x4LSu8YAbqioGx+6SMggFZyT5SDLN+XyOyoTP9OxP8OV73yWp4G36jJqxri9uRtdZbhy+sMXwNEErvN4p9H3pPv0H9KiqJf3Lbs/7pqGT5xbWD4f5A9BcXVwi7qk9XQIDtLfyL6YsQnyOFRO2/bWKY/CpvZOxhyRCkt3s4PsuTRRNvPfmuGbH4OgKDB8aIzNtracLpYakQtg9hI9izQetE4rf758QR6E76C4h5/J7SBzzPh2TfDYesVjjM8PwR7elN8ee8bfpQLKhyqA+FGSInLWrPho+7vBVLC2IYHOShbCXX19XXp9w/vefFGdBIKE7yEaKpCIavW4g1ZVt3UJJC9th/yVUDMpwp7/L72qgwgH7/tO4X5fT6NhUnhJA7xl+eiqe5/SpVCJwyYduTZHAlLlMAM4moF134vj3clsDb2fkV1AoZYeUtxCmbKVDy9lD12FqJ+mfTJ+bc3SZTCBR1ZeBMu/6u/xNzl3TLTfuJ5bW9VFa7vCy48di9mtcr5BhEU7u4C9T7RzoVNDjstxyoc5grqX4Q7GPOcmghV21QE49nsvdQTUxQejtZ/83lY5h/7nhzfd12mHR99cZhiZdwdJZoK8XKWwgjkXLXQF353+KShgFNmBs/8SyqAjNP66wUPO+YW/S7c7HoDiPIN9n/Za4erCg==,iv:agx+d66Pv5KOqzuzQFLMiywyh3REDzXrGW/F6lAm9tE=,tag:ozfiD2P6knpu+QQpSo+GCg==,type:str] | ||
3 | ed25519: ENC[AES256_GCM,data:oFbZx5F797BF/lmKgfdX6ByB2/wBe8gfzJ2gc6m56vgBKFVIs1aIaOFHcUkeJ5wGfSVTZ4C6zv8bTPouIEDSEkFXT9rUXXUbnQ4tCw7BtpfJv40uZWEror5L8vLGzDV5kBs3TaD96ceAdzIF4psQpsyLhhJTtM8h6tJOs5JpDIG3BMXzVkaSAUCsYLIK9iqkyhVCDidqUm+A9Tke6NP5Oqq90n5q7hamPPwpzMFAFl6z5rf6jH3KTSOk+X98VT6vuInuoKc4ODLfGx1AQPJou4GGEOuFkbmsyA7CPZgNsgfnn13nR3CBqiioyzUJwBww3HAfyA2+ZvXhT4fQwAyM/o72F1gpL+LyPzHKPw4IR7f5+WGgoJjs/ORCvPbPG9jpkFEXKOUEgNFO881eIFizBYHvGc7zQS0rD5SspzSqETJ7zRqeB5EpANvZ2Fpv4adJKHZ/o0McMjr9meAxtV6Iunp2EG8tT1/QvuZZ+dFB1Uitpwt2fpd5iFX0uTeSB3gMPgWz3fvx207Bp/SprQdO,iv:vNu2tRvwkBUdgVSnkPli8NMlXNKfbrnf+MsPbnrDF58=,tag:oWYTDKymFM8YRSXwKdc5wg==,type:str] | ||
4 | rsa: ENC[AES256_GCM,data:RBq1mV5XP4J7ETvRI/BLi1+MwqowUflN12h5T8csVejTLVjNDb03TbPMyH0mACPFK5fNDO+9vQ9HC6riIOiSZkXCjwkP//HdF8XqfAg4GrB+Y21fALDF4+Hmux/SrdJfL+JQ4iKWc1zI/bXZOX686/gdDC/dBFLbBD2Tc+n2yqRY6qDAqHZev7epAUtF0w5DTU+Oyt1tcuP73U+oqNs1C8o8zlKAfOgfSAS03sA0WDJJDWCwlnqAnP/Oh4MmUxAobi5afrJLLnmotCsvBCWN8a+zjR5PanGXINv8O1Fhi/ehKauM51zL7IZfKpjZxHS3IzjcTsGKJKP3QE6e8tYojKAPmZac/xcmsDTG/qZC4z7Tp0u6haENbZo+5kK8QyWLZr7b0yUqIYq4s7Y1/dMv3VO+EdmEKfVugg+W2+J9YsZNEkOuAptfKgM3eklry5YrkUVPy8U2nNyahVPzZExfFmjGGmKhdita8SLpD6s+ang0D5GIU8QmfAcrEqIqsCWn202BTdb77NMsfziTmRsJxdTtB5ZmeQL611uL2GI06Th6WqN96I+7eh0hze5TySaDRasKpnqWKnfg0UcoPaw8qW39CXWlZ1sqjlJP82lDs1rKkAeBDcB6YU+mtQnpfSPdGMOHnMNJ97tY4JhdJW4QCqR5Lr/m2aKxOwoc+BQqT4lSymBqPkolDYrBS+pHMHF6MS8TPsdBHt/6bFEiCzXBEmDe/Hx3eNVuT/YQJSBJzF9g98X0/79fkBMi+yI857d/a93cGzddQ1jLjS1yT6Qr+eegozNfeJPzdOSYbIh2xaYZ4MjUiO0LQr44DXOCA+y2viOpi44EvLqqqqDWHf5bcLfljVVF2bgzS54MThC0qlllNDaFpDSUdDQbVYgu8V2D8yCW/WuS+FPtvqIcSL3ZVsE1KgLplIXOdAOlw7YTisjOaXU1uwJNBYfxWlNjiiV/BtJ8rs53i9uPJN5oZ3cRh14mjAoJAhajamN3+xaXo85clthH9B3qSacduzsinsKiy4gL00Fi2WY3MKKbjaWL/JuELqvD37EibQ7HXffWPTBzc7zILRBetW57w44vMCX3kr0ESGzdtfVLsb7/WY937LACkkFIs7puWcgBJVwhAAEvTeOl11ynPKGDEjHah1wTNvWlpe6v4ko3zwNJOVp3lk9M0fwrNbS1jz4HKU+NGPrZS1/nOUd3YjJXCXzJTcq7hhhsBQYOw8+CT3EeWPURj0L0Ddo/a7MZgdTnN325iPqGErDx0F6UkAR8KcyT2M7AWqF0XRYsGDRs99siRF2aQ8UTq2IX5NE8lLG/QtyPrvVTV/tOX285Jt9C5yRufbNcGKUrXPB+SQM2eH0ip6QTvZ+CYfbGO2VIR7RISTUHKKNPMEMGOz5ZQaPc+8qMfFP7+1lz+fkZ7n+ZSVj9GI/GkbDHNERBos7JBSeG3hvVgraGKeanmHerRxlX42GEF8cQvMEjrCGp+PZPMcEmM7c5/5yJ0iYNyk3ES8LP2ax0XoGpWPxA67WNdzNiDd2JSLwHytxaPf3U5FO5rWLj4byrjDRoOZs0maIsVkEkABcCEyN7t20WzhBmnrx8fkrULXgeIcbQjFcL1x6UW2FS1AUWnHu23XoFxFu4HHIPYZdL70DdsoJr5MS0oZ92oBhaQAXE8nP3RLIMm8yZTqnYuTNzXo3ap9iXyFX+Srp4UvVPyHj8hO3LsXeX6TDQL5R93VMtv9EMQVksSLJU+kLeoKqkMivSAEtD9Zt/GYQdXoXjInY7NpDCha9NBSg+5N2vtVeojI7q/g6Oimq+uT2dRB+62lOd635xgnMRTlwwwkdNI9t1vLcuGStnzWMzYAQhf+TS3LPx7+JGeR8/TXMSoegFf+64hXFJRnxLJTjpfHAJkk0pQ02XAWObab6GVLj8uDcra9cDAKKDftVRX7gOC0k+Vt7vWxkfVPYb8F0EMa2MVm/qYUzcxtnCrxYljtzqXU4UDgw7jUb1yxzI1scU04MaQknfQammw0Lk+ICPEdEX2sJGiG9zH4acCdyqW77QL3tJouCaKPdd6cVq20cyfgjNYT6zbkdlmXTz960Nx9zT4mmk6ngoYwvR1g4nub6Fgo6JDA3AIU7e+uxbO83+I+0jmyOePqkbbJs3igIGekm4M5nl5MhnFyEOr0UrcEKqgp/suRZf/As4UqOHf2NAjP2CMtnHwB8Ug40j5blU/s38ILfdD/Vd87gwZFpx5QCsJjVC+ucuINl4V5WbRBkbIID6ZrLGXoVzYYVqY6oNAF93fl2xCSZykdkVdBaJvSbpz8wbzimjV7nUL2Bxu+sJN7809DTpgwyGutQJ4f9CgpAb0+g2TCGdvbvB+Uh5H62iQaZDsaD8guusrIEkxjW83V/38DYaWe/Wh3CTfTqRqgDxql22n6a33qlU+k0F/het07ZhqtQ8bwL8QATDYg9zxCfRgr4YiMFQ1evS1qCOF8KWnRa2ApOO0qPJJ49DxJeFMD29pXhmxtrBPJelSeZqDUYVx8Ns0n72hh6FxBkRItntU6HGAtC+aZCi3h5HnUKyRTb63tJwm7OGkVltP5QaFT0nE1Tv2FdQSKFcLvnMCcx+P9VJ0dPXShbCv6JMdxQuqRIR3RRI5D6cv4O4HZKxtMuiZmsZySRFbSG033TGDEJKShlT5CleowW+21dHZeAWGLR9d/ScRE2i1Z69O4SgoZPyDpwHTb5jB+47oh0HNvUIvskyHfp57HkcUCmszZHf4wPblUjr33hCpk0k48mQfVEjekdRxojE7FTbDIERFZPb6tMDuUnhM7p7CE96A2ka0/renFPA8czLGOTltyxQmaCc0ZOV4nlUJ0m6L5dcXSPjpfm81y23GJJVy0DCY0tZ5YKT2C+5EEhL1gx0pWZ7Tf844FmwCfXaUIkxNkAKV4c/hBlvdAev6unXUj6LdsHEg8GqlV3KCAeG0wG9CnspmUnSrgNDSfa3AkFjTKXzLtLXa+FYTq8GNEyvrMQq/cWrHNU6kDr6Q+CH86U8J7kVepwbSTi49TvTxgkY8DiOlufv7EPa6CmgEYGNybMWhvdZ+rghVyp7botR30Wab/T7eHnUd+0CQHKaQmJ/eHBxIfJToQrchyXTM+VrehI7EQqn2HzeuSt5SneMtgNS71p+jgdrAO7w1LhJy7TDutGGPsW5ln5aT509OhwSUF5ZzJTTVytwb0QsBeGq+2DyrGwxQoaBOgXOFyI4Slryeb1+BC2ednybYRpve75cWUJ1RBxq9TrD8HSesOUE4tTH0DLhe211NLDCSzQ8wk4jVaPr+us4YKEAiBjL6TSWMg3ZdHDIcQVO4o8iXSlM4mDpRU56JODuQLJtBAMVPDkj1Ybj18qIhJ1ZO5YZmUfTQPXtv9heGRQI4MB00RmF8VTXafyqu07DY3bM2RPj9r/1ygEXq2sNXFQ2v2Q0Hai+sl9xU8djdvL8zhTNUWHyewhYnA==,iv:aSdbpsJoDerPqWTSWp0bQIcLChCzeoeGSTKEzvfzafo=,tag:LeOxrwyXdJyj7M0FRn25QQ==,type:str] | ||
5 | sops: | ||
6 | kms: [] | ||
7 | gcp_kms: [] | ||
8 | azure_kv: [] | ||
9 | hc_vault: [] | ||
10 | age: [] | ||
11 | lastmodified: "2021-05-15T13:05:09Z" | ||
12 | mac: ENC[AES256_GCM,data:ATdT6u3dMOgaBVg7cS5tpaA0fyoQdlW/jSzwPjm1mi7j5rNkilIiqIR+C159MrI5eeApkyOpzQP2lIAlANjbO+TlO2YIYd0Ue8pdoEZGQvDyWv3AARLfdlaPzFAGAnBnjihVmKp2kQjfmcSJkASBQM8e89R1PsAKGhH5xS5b0zM=,iv:UyMsuxYWVs/Q9/HTfPtjDNf+tUOHSAqA3klFt7yewYQ=,tag:Vu8xY4NVdw6MvjDWZwiO4A==,type:str] | ||
13 | pgp: | ||
14 | - created_at: "2021-05-15T13:03:47Z" | ||
15 | enc: | | ||
16 | -----BEGIN PGP MESSAGE----- | ||
17 | |||
18 | hF4DXxoViZlp6dISAQdAr0a9IJdY95UvcmMkCS73pQZVdjqHnVTTcpCXYuqkmiYw | ||
19 | rTIqyEsqpoSrkR57LBNX98ix99H/hvj6x8+dsv+K/nJQ9Jjs921UW2HJ8hPMD44Q | ||
20 | 0l4B2MyG+We3OClbt8BJmDo38/+/k9zSBdW2zbYEr4zhG7SCw0BryrPJwGAW54KT | ||
21 | 1fdnNwzN5jdFRObhkq8I725IaU4d7GYrpVebw29HP2fd0Uf+62iBToraRJNj3sxL | ||
22 | =JRkx | ||
23 | -----END PGP MESSAGE----- | ||
24 | fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51 | ||
25 | - created_at: "2021-05-15T13:03:47Z" | ||
26 | enc: | | ||
27 | -----BEGIN PGP MESSAGE----- | ||
28 | |||
29 | hF4DyFKFNkTVG5oSAQdAINIHQVygfLGVo2gdlKCoojmD5layNM6K/QlQR/CsaTsw | ||
30 | SY+3psZUwnwwe7QRnt2gHSOUgYrG6/nhiCAfxoZBQZ6zm+v0IUdbRKEJhhGJnHfV | ||
31 | 0l4BUMxGLYHapIPjzTUwYQv9rF30zO7pJ3vU+4zkReNOcPzENLGX1uZu/1aULOcO | ||
32 | F33lTLP2B9B7pjvPoetJiuds3jO7JZrN3mFhIf7MTZyg5dMBbDSnUMJ6NIW+ug5F | ||
33 | =SAFL | ||
34 | -----END PGP MESSAGE----- | ||
35 | fp: 7ED22F4AA7BB55728B643DC5471B7D88E4EF66F8 | ||
36 | unencrypted_suffix: _unencrypted | ||
37 | version: 3.7.1 | ||
diff --git a/system-profiles/openssh/known-hosts/sif.nix b/system-profiles/openssh/known-hosts/sif.nix new file mode 100644 index 00000000..8326d389 --- /dev/null +++ b/system-profiles/openssh/known-hosts/sif.nix | |||
@@ -0,0 +1,16 @@ | |||
1 | let | ||
2 | hostNames = ["sif.asgard.yggdrasil" "sif.faraday.asgard.yggdrasil" "sif.midgard.yggdrasil"]; | ||
3 | in { | ||
4 | rsa = { | ||
5 | inherit hostNames; | ||
6 | publicKey = '' | ||
7 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCeFqJep1CuWakcoiAkz4bSaHbAIwM89Er46o3KUpjCWGTmDmhJyBiG38pupcctH0awwElkX09GsNx230mTtjT6qcxN+vGsGMJIqFD+/7ZobSLJDHYCo6Jx23jZUjg1SqxYjwB5ooWGI61Vh6SaOy8WRrUn0q8rJyd9SEC+3tJlKO5QqRi/Vnwzj47m+YjGz2UlqJ9a4GeRh1O5SiGx5jd4a/VoeK1XJcW94XeWpPQdUGnVYUXZn9cwYVrogmXdr18ImnPxghsQg4xwS2A6KMjUw9m56XkqIq7vTslmL9JaYcjlSCHbsSVq9+Wu1oKxoyndN7Sim7SkAZwHFUEMBNlontBitgYl6z10VdKX739os6h07uXjGEs+mPk4/CkGZhvhnErV2T9FO+65jnU3mZkeX5tfJHqJ8PnDch2JD6O7+Mjpce4zs/x3mwH36peER6iiIBYGlSF0AlUDShdqj+fPWFu6gZ9piOAZ2L3YXDA0ulM6pL69SbulrUNOwtTy6LkBfKDwpaQK1KO1VOYBaKa7s+krOJXW18k+tpfo4aKSeTuwvykMPndKMKvxcsxNymkGo2AzLw017Qgshzv9rRbLNMBFd85S3krakGyBVL0HAVrAdkjvsWqj5FnHAjgBc1AZnZPbJu3g9/wm7k8rPMV0jxKMpW+zxjVFYDhFUWYp9w== | ||
8 | ''; | ||
9 | }; | ||
10 | ed25519 = { | ||
11 | inherit hostNames; | ||
12 | publicKey = '' | ||
13 | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfiwlzGcNQjamtIwv7fmXnddjajraeovaM6gRNui1+v | ||
14 | ''; | ||
15 | }; | ||
16 | } | ||
diff --git a/system-profiles/openssh/known-hosts/surtr.nix b/system-profiles/openssh/known-hosts/surtr.nix new file mode 100644 index 00000000..8d227b44 --- /dev/null +++ b/system-profiles/openssh/known-hosts/surtr.nix | |||
@@ -0,0 +1,28 @@ | |||
1 | let | ||
2 | hostNames = ["surtr.muspelheim.yggdrasil" "surtr.yggdrasil.li"]; | ||
3 | in { | ||
4 | dsa = { | ||
5 | inherit hostNames; | ||
6 | publicKey = '' | ||
7 | ssh-dss AAAAB3NzaC1kc3MAAACBAIgY3WWK/yD1QzQMako4FDkD22YODiCA/d7Ga14xpx7ujSPQJ0PqFd1aTPhrEZdy6pMnL82chGJD/oeurAacBxeuUouKvr10vtpaDJpcvqr/9m4zsx0OSeHl9M5PuSumjEXL/bsF/QSeo9Vp8uznLgHP/oglP8OI4Qsdh/0wisK1AAAAFQD04cH0JaWgJEUePcuYd02KW7t4aQAAAIBkFCGDPkJedRdJRy+l2OW6H7XdCQnA814cWOGaUItw5IVWz6KlVGPlETrBtRJhrgiwApy1Sk2rHxmuHCirAFS6FCZ5ct5wHKV2L/1CDphJzsYql9hUBTgevEpuAg9Kn1WjtcV+t+3LO9URD64BKHzpvtM2I5hAU4Zu6G2OV150MQAAAIB7B3lRZBxkDfb5x4cjitzFXN3FUzBcl0SD6/TJ+TH2lbTONMIXdT9zHw5BfEz3ObcScxCT2g99bvkxDwPNFRAorLAlEhCYB2zUV5QnJd8ZpIB3AFbokUxq+Q8fs5tU16Wv9TQ4oYmY3m9UAEqVz6ph562Ss+axO9qfSlNZX8feGA== | ||
8 | ''; | ||
9 | }; | ||
10 | ecdsa = { | ||
11 | inherit hostNames; | ||
12 | publicKey = '' | ||
13 | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKLjbW8GWc7dF8HD8QrFZpZJop2xvFgvZnYfIl/slFASvphD6MBOHq3jx0+Tuk51xd4mvByTwoh8eokLZJidkZQ= | ||
14 | ''; | ||
15 | }; | ||
16 | ed25519 = { | ||
17 | inherit hostNames; | ||
18 | publicKey = '' | ||
19 | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO2LOAbV3XuAqJpXVY+YUnLIbhRsmAUmVQT3MioXGGgj | ||
20 | ''; | ||
21 | }; | ||
22 | rsa = { | ||
23 | inherit hostNames; | ||
24 | publicKey = '' | ||
25 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQClFn6IDsDjuLXpThBtrRj+HLkNAwuBc4BgNqqIXkSRXy1FhDVgdI2iXKnJJLT/MWBMz73+QEYI+nDV6cxMCu292sZal+EAkyXJG6gQ9/rboucTuMWosrifAYabY4jUY79vYOiQGHG3XMIVjTQE8dRoXASzPKcok7PHftuW2qUu6ti7s3tqxY89Ez0cUz7jIECR7zHpIHZQbPd7z9luWOwZZc/eUGGWSxxz6idSPi/Adjk4FS56kIBk/uq9bZ8ylE/nwuJFUV90GzIr2nIQAcg6UVjYkw22+tA8BKzkS5Kx9ur7jVAhgs1qavKGnkYBuE4MvfjDzrkxRtlIPOjUQ3uuqYXkkkdMCooDl6+oKvN8dug6+cMdXn3/Q63cA0ols5rJz8iAtBoPRI8b835BWZcYHCk2aF2xT5hmB+GVhnFRZP8p9cRlr0jhYRjJKp80gTT7BPlMAQ0Sfmz5jLPd7X9yInKXCXdzxLTWvGqDq4GpunWVR6rgDMq5AswIcNhcwCc= | ||
26 | ''; | ||
27 | }; | ||
28 | } | ||
diff --git a/system-profiles/openssh/known-hosts/ymir.nix b/system-profiles/openssh/known-hosts/ymir.nix new file mode 100644 index 00000000..f29baf1d --- /dev/null +++ b/system-profiles/openssh/known-hosts/ymir.nix | |||
@@ -0,0 +1,16 @@ | |||
1 | let | ||
2 | hostNames = ["ymir.yggdrasil.li" "ymir.niflheim.yggdrasil"]; | ||
3 | in { | ||
4 | rsa = { | ||
5 | inherit hostNames; | ||
6 | publicKey = '' | ||
7 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNr7oFNneR3sVuAhdbnU83PuG6gTU6rDmiz+qykkRUr5Qdtm0NIr9lI7nhoO/MaALWmkMXsBGjvJ2UxvY959g0wQRHJZnuJDwOMo3YJjfuDGMTtp8ikzd646uMHQB+y/xb4dou6f0INr94eRsZcji7AQgZQnyWVV3DZuSADBfNK0Tx6sT6IdbJXaCwYoexnfSfzDdu3i5zMuReF4zdkFUEfAdcbOM8Cr0Abnn4+iLVrof/QaOEuZDC+Pf5QUhkAArETdavSCUIbV6+1md0jz/T8yalgrTCsYOoEUbSPwM/8vmiYDWSo/tvAf3KnVIPjjK2UFz7Qu0HyK0y1dBEXoYLGZ1ep4x67aE4zy7GlR2GZdAYilHknugZB+/kvYGDEixHFfcUh/uvF5PY8sm63C6HUBT1s/aQHXGHgE4uUru6YvbU3UW3fRdslABY/atZ9gc3MuKu9Zk27b1SYfAAoK1R8rKsOKWqUWvvMVCfKBNKqqb7+30q75iGeneB8Tb1C9lToyDG2Yl5p+Gpfnj8YmaU/xFm0HFEC42crRbaQyz01LmupHWf8VwH/O2LsjztAF9b4Oe2q/NwqQAF+h5hIm2tfM2fzxHGCmw1sFYf6dEdkyV5pge/IJrnuQn27iO06tRC6tvrt/ocbpwEEOk/3WWpAWW4oT8L5ceh7iAXrCRWpw== | ||
8 | ''; | ||
9 | }; | ||
10 | ed25519 = { | ||
11 | inherit hostNames; | ||
12 | publicKey = '' | ||
13 | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDeBBux2bIXnS/RUv+Y/NCpzI/SCW0KOJSzf48KDiEZD | ||
14 | ''; | ||
15 | }; | ||
16 | } | ||