From 02a0b57551a6a5f9ebccff226c12b8f671a7c149 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Tue, 3 Aug 2021 17:12:41 +0200
Subject: vidhar: initrd ssh
---
hosts/vidhar/default.nix | 21 +------------
hosts/vidhar/initrd-host-keys/private.yaml | 35 ----------------------
hosts/vidhar/initrd-host-keys/public.yaml | 4 ---
system-profiles/initrd-ssh/default.nix | 35 ++++++++++++++++++++++
.../initrd-ssh/host-keys/vidhar-private.yaml | 35 ++++++++++++++++++++++
.../initrd-ssh/host-keys/vidhar-public.yaml | 4 +++
6 files changed, 75 insertions(+), 59 deletions(-)
delete mode 100644 hosts/vidhar/initrd-host-keys/private.yaml
delete mode 100644 hosts/vidhar/initrd-host-keys/public.yaml
create mode 100644 system-profiles/initrd-ssh/default.nix
create mode 100644 system-profiles/initrd-ssh/host-keys/vidhar-private.yaml
create mode 100644 system-profiles/initrd-ssh/host-keys/vidhar-public.yaml
diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix
index 4d7830e8..25f37133 100644
--- a/hosts/vidhar/default.nix
+++ b/hosts/vidhar/default.nix
@@ -3,6 +3,7 @@
imports = with flake.nixosModules.systemProfiles; [
./zfs.nix
initrd-all-crypto-modules default-locale openssh rebuild-machines
+ initrd-ssh
];
config = {
@@ -41,15 +42,6 @@
hdd4.device = "/dev/disk/by-label/${hostName}-hdd4";
hdd5.device = "/dev/disk/by-label/${hostName}-hdd5";
};
-
- network = {
- enable = true;
- ssh = {
- enable = true;
- hostKeys = with config.sops.secrets; [ initrd_ssh_host_rsa_key.path initrd_ssh_host_ed25519_key.path ];
- authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys ++ map (kF: builtins.readFile kF) config.users.users.root.openssh.authorizedKeys.keyFiles;
- };
- };
};
supportedFilesystems = [ "zfs" ];
@@ -58,17 +50,6 @@
};
};
- sops.secrets = {
- initrd_ssh_host_rsa_key = {
- key = "rsa";
- sopsFile = ./initrd-host-keys/private.yaml;
- };
- initrd_ssh_host_ed25519_key = {
- key = "ed25519";
- sopsFile = ./initrd-host-keys/private.yaml;
- };
- };
-
fileSystems = {
"/" = {
fsType = "tmpfs";
diff --git a/hosts/vidhar/initrd-host-keys/private.yaml b/hosts/vidhar/initrd-host-keys/private.yaml
deleted file mode 100644
index ea424974..00000000
--- a/hosts/vidhar/initrd-host-keys/private.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-rsa: ENC[AES256_GCM,data:u5NbMQLLIHzcH1oUvGbxNRiK0DUX84tQ/sIaUae370jkTdiRTrwTSOX+TielSgwEyLo7KAOVO0olbEheJjP6tLlOExDZZCO09YBqvZksSkT+0irnpA9K3oIPZVAKMgoGMRvr8I1fWn9ZQGpzFBrEOGN9+f5bJ4y44IHUxepvCalQQb4wFNqZv/tPAH8ku18v4U6Nocqfj4PfECzCaslRBY3tCiZ4ipbnBSaLM5KHDZWHYti88kG67xwupJ/v48wLtKwVQIzTvY+oN4ZnwRGzmqHfuz8EET/BrLZ/WLJtf3JuEqTZQIw24qP/8Q2/zEH40IzxeZvP5D1MzPpEVamU1FM9WAtwOQkrpoZL8+lRpcJvQdqbZqz1qLGU0MZmI++MudxebuIZ5g36y7xLAcYS3OuaekG66e6fhp1txqK09HB3wxXJVq7B13ip0MRDl1xfbVkSfDFBSSZ7hCueFS+2ee8d7fha7Y1wINZ5eU9WCjRG3yD/vMvLbJjRDKVhCZmoWUWcrhlzOIRmgYVetZqsHmPjBqOFd4bdc8fJLoJaGtlUFxSpuep8kO48J5Ibuk2GnBaiWinT92rUrkbErlREnDDt20B6ev7A3uJ8kLogiH6OdwVMvw2U1DTSsUZFhzlgXxe9kSThonR8ISpMOafDQOucfHNf96P5I5px0w6+KjZAFp9E7Liw3I5CBkvx+DYPYrq+4l3Q6/NdEAIBJivfxItLCbQn0EdS5bRPjWlygEjWmcUz2ivmTShpHYO4ZGjrgxgF6SVzJFcS66UzL/MrdHwxWuTkjcOQ8S9CaUq4uSniHusnO5RQEbDQSFvH5+D9R/vsaqDx+Hr1VHj782hEMDaRnV6afV1j4zlrJyO6VoUDVH5NAnlGRxDBDjnPhS+769qVlqlGNcrMqHJC0Xp2LPEfxKdRfPFAxSAVGNCj7s2w2t0/XSZ3qPOHOzkQRx0A4wD9r0CtarE1mO1My2mQnCSs/t9MGNiVNWRJXox4R2cpZY773+4XCPIli89ByOl6nVc1kva/ZifpVdLOAd0nPD+flq+H8CdZDWDcZVPrsiNplP3f38b41mIdpP/H4INORFnmOl1NEpwAO2J9n4uWBkXhst4PYJoTwdkr4YkVOgYK1hYlvrXoo36B/akTmVLNXwA7E75Db5LcMNhtnHuaUMmc1a1ztMQzXAKbeC4GR173kT49Yo8o0rkVTUPYYyXpAQyOIkwL1yRI1QvArKmwzb21UcN4t0dd7VGGTyDe3tJ8rdtJp7g225YSrFCOKKcpPCEKrKaqZMknOTzANnKMzwk/bHeGU9vaAOKrPJ8FjPqO6txWumYIXcMUyLERZ8jaC+1NTbGeq+u8q0IkESOTOB8TGEmafa6UBIkn15L5DDM4aA8sxjXL3WHaDRNfeRUjT5QVW3a3AiNMvEugNQIksTBcIpj7xPcf5LkncopP5BhLKFj3n9wGEdI/BBCclR3VnkIVkiGjxcJpdjkRXIYIxo69a/xV31Sw/sFxbg0/QsdEkCzkn553/SQbWKJbQDnSeQPNc5UIfSsn0wqknIOgRjFbHEZDD+PGPFrQzbz+v54ZfpVtCmgkoYvu4M6sfJ8r0VuuEcHCAjyS2CzFR6IYqyR7dZqDBAwdP6EeDbo2tQFwH0myYEkPFSwwWfPzvayyjP85LSVBNVBpCGVeuNSDYiJ0j/hyOYNxwj+rQ8IC+0Fl0EbikZuVZ8LD/tQl08aCh4g89psayM0PBKUrs0FCJoh6uSXKbSuenyllvjc9KRj0uwKYtKO/QhfCf1XgAdcUm3FRWGAohDrPaWkeCn75YerskIcDaVZuk9sQa76vW4djWzJpGPPZ1lYQh1IMojFr/SbRqvH/q5Jj3GHbRaVvkym1VRFQmerb0g7WPcs1tugTUvXSLm8dnfBYNCX6X/LkfyMtW6LeWlasdOTSOzNh+HpqIDMXRwq7l3xfwCuvIVcdF0aS+uWpOeiBuqPVCNqr1qF0IzGI53Uw5bkFY/wxxwIBbRxi1pAy91C4nLjWnhWgNw66h23Cw/cq2aFNdSsw/Amtn/8TztUIpH6QZG/1QyaZBjH+yXUm4OFkb31VVQCnaEPqHVoHpkmGFu2zNMrrVCHLEwOpyyBpRskHA1oGCv0fv5Smn6G+n2liHe0YDPQdH+GvMvJYfuzju0eahFhozRU1X3NPbbHAKcxffeQ+bkXN2QQncJgmPMY6bzbe85S94uk3Y0lSf4/L9kWcoaV+96ChjZ7hV1nFjkD0R9GPsEmLebS7MdnzDQLRMKhwEJgLi6S7PZg/Q9OPuXU7qX2mnmM9S7HLDfeW1oMcGhrhj/bvneBJB+XG4GWnQUVGS4EKACURV9A2nyx3/zfXIdEW1FX3dByWuJf73hPqnWqrGunMb1tHAWenTnw34KT5l077duSvYGpS44AGyZwwpA/7rwAAYlu2G0m+lPWRvJMSQweoKwgZh58E2v9T0b+yAY+YTpTMnh/gALW7wtpJy77IzroZEKx0ysWQ7HywzbXoZc3wpiCvGbxrxQJsLj91JBo7QT6VwCgId6bLgcgMwX6YptRTqTu7nt37VzeT3jsWj5TvXXXa0sToWplUtE5WzwpSx6sx7iPwd63NSDBSfGoOH6ZFgBBVuu1qSYUekp3oipY86V4w+bpPexck/ZgS8fMfYVILlAvt97J7tRTEqo02opEWwO2a4t1lBjaVtvskUIC5ddcSDN0JwY6JpblS2i9CiDB+Dv4oA8oepA/GGnbIK9YUC4uerrfZjPfyf9lIIKYY3EpvMghhOYLkKR/jwDAX7t6c92YrkCtNXRAiGPNMnYiP5S9kK7zlVeb/70Nd3Ew6iOlpklNRlMM6zSOy8vzRGnBoDhtWcPDmyUHh0W9ZuXv2LD+f7qaMqZngKxo3kdThA2bCMRpCiAst/1GmEq/7cw7R6TW+ENcBZfZqZLUcIHAMFsVJ5M8LpUT0Q4kQ6Ha3uiPDdRtC5gXFEWhTq+XPBm5Sn2EMOxqI+j0yknhGXQ4dpr+AAT6B6y5fYR3Fe3ytTMet5Q1fezTuL4bRPRyHpV+R9QigSf+OM47SwbG4E/+ZKuIMWfBsIv+vfuw5XGTXGHtYm2rvAD92BTa8pMrD9G4o6ZTHTUO9DGnYZUhLdWYFH6I8TS5IGKuwvo5DezUmyoC08BR7yAq2zm33cw9WaNfNCDpBSCUuzrgXJHDEJVICc9QugMM3Z17U0oPksGybj02gptC8724cxxA0Spxb1seRsRlMYHYWCI2Tdv9Mjhr5sw5MjwtioALbQ4hsihXgTGlqkrgaW2TAKFt8L4gb2hhp5l+jxnGF3gacFodniRLGI4ue6MgwlHhFVaiGa5dT+tjU6tYDVCaL8DeHj7UZDEs2NJo4+v5lwv6JjZMAZfbPFY150KSlHV2u0ll64pF7sJjKF7pEaSYYmdRhEjCjFpMCmtJ0rxJtgIyuzA==,iv:r/ksbyC44RrP2BCUUdmOHPfIhi9LPCF+fs1/urWz6Ss=,tag:Zk3xJw1tcf+/YQpAYwVt+w==,type:str]
-ed25519: ENC[AES256_GCM,data:PE0UKLLThNwkdi2oz38HlgslJD5i9c9cL4ZBSBxSMcz7bXzLMv58Z9vucJ4WPtBxKSvFx5ksl/alRUyh2WTxuGNgut9vcgcNSG2qXzb8jdxb5CbFK1yVglVX7wtQkaOwmlc1Pty64sA0jwucaQQhEMeVXA/kxwe5uagCIupjP6lqnkzAuf4Dc1jIfXdEoEV0jtVUSjgeXHPymSPkg1J95VUMEIfVbncFxvzSQngv5kuE/XoH3adujuKR9fC/Z5u08hSjTzGQzMdgZk5BYvy7AWYN8SmfWcyAkClywj9DCzgaw8KY+MzSxQWrhAt3rqobmtVoJoJ5oc1/l6m5pPsyb/Ex2wwFh/rWm7SNfhW/Ev/ZuIX7llL7HCgXxhiCJIl9X4jkwF6OvslvK1wYgJ6rvGQwyM+/7Q8/rX1KJnq3qA93SfDi/fPLuJxcMYj/mZ/bluG4bsTFaUzDf1l6C251p24JJt3F0o1RTF1zgACrdhKK1BN79sQt4xDnHawCCwEkBbdeE0pmml1i3aUy5thl,iv:6cYTjmJd44Uc+uwnIZI1CUuKhYNGHuWa8wr7CYJY3RY=,tag:+PGy7aVeHyLH+B04Nj8BRQ==,type:str]
-sops:
- kms: []
- gcp_kms: []
- azure_kv: []
- hc_vault: []
- age: []
- lastmodified: "2021-08-03T14:47:32Z"
- mac: ENC[AES256_GCM,data:gWbmGMZ+/Ts7NP9J1q/kjQmJ7V6lJ5xFpjZNJ+aTOmkz7a6sG8SRvNEW/qrpJfCzEFdQJYhOW3X9FhWpb5U6j4gINrgqUGdusQpw0PmIieC5tCPQPlTPHMReK0xaZ3NViMdHJhGdtehGfPqAtA3Bifn2ZZzOrzTOaPN2fH11fZw=,iv:FhKERfmDPmWn5ZKkuHWMc/vINpmJTr0jZ1iCkSgAUEs=,tag:ibe+m8vz6b+a+as5mz4+eA==,type:str]
- pgp:
- - created_at: "2021-08-03T14:47:02Z"
- enc: |
- -----BEGIN PGP MESSAGE-----
-
- hF4DXxoViZlp6dISAQdAFyVws/2vIBK6ohlM93FpgKt6RXI8RPgaJSgHKsSeMB8w
- XJqXQ2YGG8X6kHR/SW3A//1hBbLAaT6cRj7PLtkabr/5vgJ1Yk+k2mCFg+fte61o
- 0l4Bppl+iqVjECSJlrRp/GtbbyGlSS+pAItDZKAZOnrIYbx27CFfxNDDHv8EAFDP
- HoYtgpeVxgRuvIBMHexMiuFExExkddHpHkSDoT1iJOsK+SQEqbxSfZpEJIRLcjb9
- =hvve
- -----END PGP MESSAGE-----
- fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51
- - created_at: "2021-08-03T14:47:02Z"
- enc: |
- -----BEGIN PGP MESSAGE-----
-
- hF4DbYDvGI0HDr0SAQdAvLR7Ngh3gqQAnmlCeSwKGwWXBNlBZxxliQBOkhhKcSow
- V9mWDn01Iue3qHQwGCd7Om/9EqU7SkFrkxzgAIBRJpAmj0eP1zsgiWepawzQ4glb
- 0l4ByB+6R+V2SyGI9HcABJiLcTOIjVLgn1QzK0l4K2ewS2K5FSBGNzVKoT+p4J5a
- ja6A7vM0u12ddlqkifBsqN7900gI2ZTUz00rDZqis3sJk9J8dyWsAdkscig7Htlg
- =hZHL
- -----END PGP MESSAGE-----
- fp: A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362
- unencrypted_suffix: _unencrypted
- version: 3.7.1
diff --git a/hosts/vidhar/initrd-host-keys/public.yaml b/hosts/vidhar/initrd-host-keys/public.yaml
deleted file mode 100644
index af521564..00000000
--- a/hosts/vidhar/initrd-host-keys/public.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-rsa: |
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCs0bzHfJBgG5AP0nSUgkGBoxRLRDu9FMfwJN3NFLeUf1axmKPja0mO+ddUQeLobDcl4zU4VyBxdd5qrrSkAufM76GJJFqXGJs98WudELXD5I4/o99Fh7xSf6QtafftTbjUfcTzX9t30Cb109Ppv1sKANcfLOx5EWH4TX3WK0vWTZHlS/OHvojwx7Y8/8dYbA96neMSBK5ceDu/VAG/JHYz5JgtDczSKUnbh026xav8rv9Sd3paC42XNlWSkjvpXxXoJ+ta5SuOXAl+4gPDvjgxK+QJ+yglhJma7LdHt7tqQjy/R0v5+wMzbNCKdQ1E9GiCw+hSE3mbCj/PVFy+J1oadBta+qF5SKCSurFeCRaehTTz6Qynxu0OxLQV/OHX6yC2i9OVJOs0PNGiot9pjxoSKyKrlT7gshP6MRfC1F330oVDSOPAkFLFFkTJtzb0ifJ5s1LyM0LyJAPso+5ytCcSOoQpcKd54VbSTYXBcnWtRFtEzUDIeLDeRWgQ0zJsef8=
-ed25519: |
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBb+RVaConednm1DsYh18ttUEs/FJ7+E3g0YGbZcJthp
diff --git a/system-profiles/initrd-ssh/default.nix b/system-profiles/initrd-ssh/default.nix
new file mode 100644
index 00000000..00fa55b6
--- /dev/null
+++ b/system-profiles/initrd-ssh/default.nix
@@ -0,0 +1,35 @@
+{ hostName, config, pkgs, ... }:
+{
+ config = {
+ boot.initrd.network = {
+ enable = true;
+ ssh = {
+ enable = true;
+ hostKeys = with config.sops.secrets; [ initrd_ssh_host_rsa_key.path initrd_ssh_host_ed25519_key.path ];
+ authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys ++ map (kF: builtins.readFile kF) config.users.users.root.openssh.authorizedKeys.keyFiles;
+ };
+ };
+
+ sops.secrets = {
+ initrd_ssh_host_rsa_key = {
+ key = "rsa";
+ path = "/etc/initrd_ssh_host_rsa_key";
+ sopsFile = ./host-keys + "/${hostName}-private.yaml";
+ };
+ initrd_ssh_host_ed25519_key = {
+ key = "ed25519";
+ path = "/etc/initrd_ssh_host_ed25519_key";
+ sopsFile = ./host-keys + "/${hostName}-private.yaml";
+ };
+ };
+ environment.etc =
+ let
+ mkPubkey = typ: pkgs.runCommand "initrd_ssh_host_${typ}_key" { buildInputs = with pkgs; [ yq ]; } ''
+ yq -r '.${typ}' ${./host-keys + "/${hostName}-public.yaml"} > $out
+ '';
+ in {
+ "initrd_ssh_host_rsa_key.pub".source = mkPubkey "rsa";
+ "initrd_ssh_host_ed25519_key.pub".source = mkPubkey "ed25519";
+ };
+ };
+}
diff --git a/system-profiles/initrd-ssh/host-keys/vidhar-private.yaml b/system-profiles/initrd-ssh/host-keys/vidhar-private.yaml
new file mode 100644
index 00000000..ea424974
--- /dev/null
+++ b/system-profiles/initrd-ssh/host-keys/vidhar-private.yaml
@@ -0,0 +1,35 @@
+rsa: ENC[AES256_GCM,data:u5NbMQLLIHzcH1oUvGbxNRiK0DUX84tQ/sIaUae370jkTdiRTrwTSOX+TielSgwEyLo7KAOVO0olbEheJjP6tLlOExDZZCO09YBqvZksSkT+0irnpA9K3oIPZVAKMgoGMRvr8I1fWn9ZQGpzFBrEOGN9+f5bJ4y44IHUxepvCalQQb4wFNqZv/tPAH8ku18v4U6Nocqfj4PfECzCaslRBY3tCiZ4ipbnBSaLM5KHDZWHYti88kG67xwupJ/v48wLtKwVQIzTvY+oN4ZnwRGzmqHfuz8EET/BrLZ/WLJtf3JuEqTZQIw24qP/8Q2/zEH40IzxeZvP5D1MzPpEVamU1FM9WAtwOQkrpoZL8+lRpcJvQdqbZqz1qLGU0MZmI++MudxebuIZ5g36y7xLAcYS3OuaekG66e6fhp1txqK09HB3wxXJVq7B13ip0MRDl1xfbVkSfDFBSSZ7hCueFS+2ee8d7fha7Y1wINZ5eU9WCjRG3yD/vMvLbJjRDKVhCZmoWUWcrhlzOIRmgYVetZqsHmPjBqOFd4bdc8fJLoJaGtlUFxSpuep8kO48J5Ibuk2GnBaiWinT92rUrkbErlREnDDt20B6ev7A3uJ8kLogiH6OdwVMvw2U1DTSsUZFhzlgXxe9kSThonR8ISpMOafDQOucfHNf96P5I5px0w6+KjZAFp9E7Liw3I5CBkvx+DYPYrq+4l3Q6/NdEAIBJivfxItLCbQn0EdS5bRPjWlygEjWmcUz2ivmTShpHYO4ZGjrgxgF6SVzJFcS66UzL/MrdHwxWuTkjcOQ8S9CaUq4uSniHusnO5RQEbDQSFvH5+D9R/vsaqDx+Hr1VHj782hEMDaRnV6afV1j4zlrJyO6VoUDVH5NAnlGRxDBDjnPhS+769qVlqlGNcrMqHJC0Xp2LPEfxKdRfPFAxSAVGNCj7s2w2t0/XSZ3qPOHOzkQRx0A4wD9r0CtarE1mO1My2mQnCSs/t9MGNiVNWRJXox4R2cpZY773+4XCPIli89ByOl6nVc1kva/ZifpVdLOAd0nPD+flq+H8CdZDWDcZVPrsiNplP3f38b41mIdpP/H4INORFnmOl1NEpwAO2J9n4uWBkXhst4PYJoTwdkr4YkVOgYK1hYlvrXoo36B/akTmVLNXwA7E75Db5LcMNhtnHuaUMmc1a1ztMQzXAKbeC4GR173kT49Yo8o0rkVTUPYYyXpAQyOIkwL1yRI1QvArKmwzb21UcN4t0dd7VGGTyDe3tJ8rdtJp7g225YSrFCOKKcpPCEKrKaqZMknOTzANnKMzwk/bHeGU9vaAOKrPJ8FjPqO6txWumYIXcMUyLERZ8jaC+1NTbGeq+u8q0IkESOTOB8TGEmafa6UBIkn15L5DDM4aA8sxjXL3WHaDRNfeRUjT5QVW3a3AiNMvEugNQIksTBcIpj7xPcf5LkncopP5BhLKFj3n9wGEdI/BBCclR3VnkIVkiGjxcJpdjkRXIYIxo69a/xV31Sw/sFxbg0/QsdEkCzkn553/SQbWKJbQDnSeQPNc5UIfSsn0wqknIOgRjFbHEZDD+PGPFrQzbz+v54ZfpVtCmgkoYvu4M6sfJ8r0VuuEcHCAjyS2CzFR6IYqyR7dZqDBAwdP6EeDbo2tQFwH0myYEkPFSwwWfPzvayyjP85LSVBNVBpCGVeuNSDYiJ0j/hyOYNxwj+rQ8IC+0Fl0EbikZuVZ8LD/tQl08aCh4g89psayM0PBKUrs0FCJoh6uSXKbSuenyllvjc9KRj0uwKYtKO/QhfCf1XgAdcUm3FRWGAohDrPaWkeCn75YerskIcDaVZuk9sQa76vW4djWzJpGPPZ1lYQh1IMojFr/SbRqvH/q5Jj3GHbRaVvkym1VRFQmerb0g7WPcs1tugTUvXSLm8dnfBYNCX6X/LkfyMtW6LeWlasdOTSOzNh+HpqIDMXRwq7l3xfwCuvIVcdF0aS+uWpOeiBuqPVCNqr1qF0IzGI53Uw5bkFY/wxxwIBbRxi1pAy91C4nLjWnhWgNw66h23Cw/cq2aFNdSsw/Amtn/8TztUIpH6QZG/1QyaZBjH+yXUm4OFkb31VVQCnaEPqHVoHpkmGFu2zNMrrVCHLEwOpyyBpRskHA1oGCv0fv5Smn6G+n2liHe0YDPQdH+GvMvJYfuzju0eahFhozRU1X3NPbbHAKcxffeQ+bkXN2QQncJgmPMY6bzbe85S94uk3Y0lSf4/L9kWcoaV+96ChjZ7hV1nFjkD0R9GPsEmLebS7MdnzDQLRMKhwEJgLi6S7PZg/Q9OPuXU7qX2mnmM9S7HLDfeW1oMcGhrhj/bvneBJB+XG4GWnQUVGS4EKACURV9A2nyx3/zfXIdEW1FX3dByWuJf73hPqnWqrGunMb1tHAWenTnw34KT5l077duSvYGpS44AGyZwwpA/7rwAAYlu2G0m+lPWRvJMSQweoKwgZh58E2v9T0b+yAY+YTpTMnh/gALW7wtpJy77IzroZEKx0ysWQ7HywzbXoZc3wpiCvGbxrxQJsLj91JBo7QT6VwCgId6bLgcgMwX6YptRTqTu7nt37VzeT3jsWj5TvXXXa0sToWplUtE5WzwpSx6sx7iPwd63NSDBSfGoOH6ZFgBBVuu1qSYUekp3oipY86V4w+bpPexck/ZgS8fMfYVILlAvt97J7tRTEqo02opEWwO2a4t1lBjaVtvskUIC5ddcSDN0JwY6JpblS2i9CiDB+Dv4oA8oepA/GGnbIK9YUC4uerrfZjPfyf9lIIKYY3EpvMghhOYLkKR/jwDAX7t6c92YrkCtNXRAiGPNMnYiP5S9kK7zlVeb/70Nd3Ew6iOlpklNRlMM6zSOy8vzRGnBoDhtWcPDmyUHh0W9ZuXv2LD+f7qaMqZngKxo3kdThA2bCMRpCiAst/1GmEq/7cw7R6TW+ENcBZfZqZLUcIHAMFsVJ5M8LpUT0Q4kQ6Ha3uiPDdRtC5gXFEWhTq+XPBm5Sn2EMOxqI+j0yknhGXQ4dpr+AAT6B6y5fYR3Fe3ytTMet5Q1fezTuL4bRPRyHpV+R9QigSf+OM47SwbG4E/+ZKuIMWfBsIv+vfuw5XGTXGHtYm2rvAD92BTa8pMrD9G4o6ZTHTUO9DGnYZUhLdWYFH6I8TS5IGKuwvo5DezUmyoC08BR7yAq2zm33cw9WaNfNCDpBSCUuzrgXJHDEJVICc9QugMM3Z17U0oPksGybj02gptC8724cxxA0Spxb1seRsRlMYHYWCI2Tdv9Mjhr5sw5MjwtioALbQ4hsihXgTGlqkrgaW2TAKFt8L4gb2hhp5l+jxnGF3gacFodniRLGI4ue6MgwlHhFVaiGa5dT+tjU6tYDVCaL8DeHj7UZDEs2NJo4+v5lwv6JjZMAZfbPFY150KSlHV2u0ll64pF7sJjKF7pEaSYYmdRhEjCjFpMCmtJ0rxJtgIyuzA==,iv:r/ksbyC44RrP2BCUUdmOHPfIhi9LPCF+fs1/urWz6Ss=,tag:Zk3xJw1tcf+/YQpAYwVt+w==,type:str]
+ed25519: ENC[AES256_GCM,data:PE0UKLLThNwkdi2oz38HlgslJD5i9c9cL4ZBSBxSMcz7bXzLMv58Z9vucJ4WPtBxKSvFx5ksl/alRUyh2WTxuGNgut9vcgcNSG2qXzb8jdxb5CbFK1yVglVX7wtQkaOwmlc1Pty64sA0jwucaQQhEMeVXA/kxwe5uagCIupjP6lqnkzAuf4Dc1jIfXdEoEV0jtVUSjgeXHPymSPkg1J95VUMEIfVbncFxvzSQngv5kuE/XoH3adujuKR9fC/Z5u08hSjTzGQzMdgZk5BYvy7AWYN8SmfWcyAkClywj9DCzgaw8KY+MzSxQWrhAt3rqobmtVoJoJ5oc1/l6m5pPsyb/Ex2wwFh/rWm7SNfhW/Ev/ZuIX7llL7HCgXxhiCJIl9X4jkwF6OvslvK1wYgJ6rvGQwyM+/7Q8/rX1KJnq3qA93SfDi/fPLuJxcMYj/mZ/bluG4bsTFaUzDf1l6C251p24JJt3F0o1RTF1zgACrdhKK1BN79sQt4xDnHawCCwEkBbdeE0pmml1i3aUy5thl,iv:6cYTjmJd44Uc+uwnIZI1CUuKhYNGHuWa8wr7CYJY3RY=,tag:+PGy7aVeHyLH+B04Nj8BRQ==,type:str]
+sops:
+ kms: []
+ gcp_kms: []
+ azure_kv: []
+ hc_vault: []
+ age: []
+ lastmodified: "2021-08-03T14:47:32Z"
+ mac: ENC[AES256_GCM,data:gWbmGMZ+/Ts7NP9J1q/kjQmJ7V6lJ5xFpjZNJ+aTOmkz7a6sG8SRvNEW/qrpJfCzEFdQJYhOW3X9FhWpb5U6j4gINrgqUGdusQpw0PmIieC5tCPQPlTPHMReK0xaZ3NViMdHJhGdtehGfPqAtA3Bifn2ZZzOrzTOaPN2fH11fZw=,iv:FhKERfmDPmWn5ZKkuHWMc/vINpmJTr0jZ1iCkSgAUEs=,tag:ibe+m8vz6b+a+as5mz4+eA==,type:str]
+ pgp:
+ - created_at: "2021-08-03T14:47:02Z"
+ enc: |
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DXxoViZlp6dISAQdAFyVws/2vIBK6ohlM93FpgKt6RXI8RPgaJSgHKsSeMB8w
+ XJqXQ2YGG8X6kHR/SW3A//1hBbLAaT6cRj7PLtkabr/5vgJ1Yk+k2mCFg+fte61o
+ 0l4Bppl+iqVjECSJlrRp/GtbbyGlSS+pAItDZKAZOnrIYbx27CFfxNDDHv8EAFDP
+ HoYtgpeVxgRuvIBMHexMiuFExExkddHpHkSDoT1iJOsK+SQEqbxSfZpEJIRLcjb9
+ =hvve
+ -----END PGP MESSAGE-----
+ fp: 30D3453B8CD02FE2A3E7C78C0FB536FB87AE8F51
+ - created_at: "2021-08-03T14:47:02Z"
+ enc: |
+ -----BEGIN PGP MESSAGE-----
+
+ hF4DbYDvGI0HDr0SAQdAvLR7Ngh3gqQAnmlCeSwKGwWXBNlBZxxliQBOkhhKcSow
+ V9mWDn01Iue3qHQwGCd7Om/9EqU7SkFrkxzgAIBRJpAmj0eP1zsgiWepawzQ4glb
+ 0l4ByB+6R+V2SyGI9HcABJiLcTOIjVLgn1QzK0l4K2ewS2K5FSBGNzVKoT+p4J5a
+ ja6A7vM0u12ddlqkifBsqN7900gI2ZTUz00rDZqis3sJk9J8dyWsAdkscig7Htlg
+ =hZHL
+ -----END PGP MESSAGE-----
+ fp: A1C7C95E6CAF0A965CB47277BCF50A89C1B1F362
+ unencrypted_suffix: _unencrypted
+ version: 3.7.1
diff --git a/system-profiles/initrd-ssh/host-keys/vidhar-public.yaml b/system-profiles/initrd-ssh/host-keys/vidhar-public.yaml
new file mode 100644
index 00000000..af521564
--- /dev/null
+++ b/system-profiles/initrd-ssh/host-keys/vidhar-public.yaml
@@ -0,0 +1,4 @@
+rsa: |
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCs0bzHfJBgG5AP0nSUgkGBoxRLRDu9FMfwJN3NFLeUf1axmKPja0mO+ddUQeLobDcl4zU4VyBxdd5qrrSkAufM76GJJFqXGJs98WudELXD5I4/o99Fh7xSf6QtafftTbjUfcTzX9t30Cb109Ppv1sKANcfLOx5EWH4TX3WK0vWTZHlS/OHvojwx7Y8/8dYbA96neMSBK5ceDu/VAG/JHYz5JgtDczSKUnbh026xav8rv9Sd3paC42XNlWSkjvpXxXoJ+ta5SuOXAl+4gPDvjgxK+QJ+yglhJma7LdHt7tqQjy/R0v5+wMzbNCKdQ1E9GiCw+hSE3mbCj/PVFy+J1oadBta+qF5SKCSurFeCRaehTTz6Qynxu0OxLQV/OHX6yC2i9OVJOs0PNGiot9pjxoSKyKrlT7gshP6MRfC1F330oVDSOPAkFLFFkTJtzb0ifJ5s1LyM0LyJAPso+5ytCcSOoQpcKd54VbSTYXBcnWtRFtEzUDIeLDeRWgQ0zJsef8=
+ed25519: |
+ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBb+RVaConednm1DsYh18ttUEs/FJ7+E3g0YGbZcJthp
--
cgit v1.2.3