From 1720dac456e4c94505bea8be55547130ac146a74 Mon Sep 17 00:00:00 2001 From: nixos Date: Tue, 3 Oct 2023 08:06:12 +0200 Subject: [PATCH] add cert authorities to ssh known hosts --- configuration.nix | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/configuration.nix b/configuration.nix index 56ed5e7..ff1660b 100644 --- a/configuration.nix +++ b/configuration.nix @@ -30,6 +30,7 @@ in }; home-manager.users.pim = import /home/pim/.config/home-manager/home.nix; + users.users.pim = { isNormalUser = true; extraGroups = [ "wheel" ]; @@ -48,4 +49,18 @@ in }; system.stateVersion = stateVersion; + + programs.ssh.knownHosts = { + dmz = { + hostNames = ["*.dmz"]; + publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAX2IhgHNxC6JTvLu9cej+iWuG+uJFMXn4AiRro9533x"; + certAuthority = true; + }; + + hypervisors = { + hostNames = ["*.hyp"]; + publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFzRkH3d/KVJQouswY/DMpenWbDFVOnI3Vut0xR0e1tb"; + certAuthority = true; + }; + }; }