about summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2023-04-29 14:44:45 -0700
committerFranck Cuny <franck@fcuny.net>2023-04-29 15:09:08 -0700
commitab89c107d9b431776b5bfbf4667b609b771ca945 (patch)
treee7619fbd2d79510bfa56ef76097036a6bbc1d019
parenthosts/tahoe: disable rclone (diff)
downloadworld-ab89c107d9b431776b5bfbf4667b609b771ca945.tar.gz
modules/system: add ssh keys for known hosts
These keys are stable, they can be set on every hosts.
-rw-r--r--modules/system/security/default.nix10
1 files changed, 10 insertions, 0 deletions
diff --git a/modules/system/security/default.nix b/modules/system/security/default.nix
index 1181e6a..ecb32d0 100644
--- a/modules/system/security/default.nix
+++ b/modules/system/security/default.nix
@@ -3,4 +3,14 @@
 {
   security.sudo.wheelNeedsPassword = false;
   security.polkit.enable = true;
+
+  programs.ssh = {
+    # $ ssh-keyscan example.com
+    knownHosts = {
+      github = {
+        hostNames = [ "github.com" ];
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
+      };
+    };
+  };
 }