Use SSH certificate on starlight

This commit is contained in:
Artemis Tosini 2021-09-18 17:44:53 +00:00
parent 54c42ebdd7
commit 700482ac31
Signed by: artemist
GPG key ID: ADFFE553DCBB831E
5 changed files with 7 additions and 2 deletions

@ -1 +1 @@
Subproject commit 3512e177ea84eccde10e92f2f59f9ca53fd12be3 Subproject commit 8e7d1a212ec93008a038ba9cfa178f21584c8441

View file

@ -13,5 +13,5 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIElCYORRBERl/as01Obp1Og/mdy28V7gw32uCZseOSZt root@spike" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIElCYORRBERl/as01Obp1Og/mdy28V7gw32uCZseOSZt root@spike"
]; ];
}; };
users.groups.build = {}; users.groups.build = { };
} }

View file

@ -3,6 +3,7 @@
{ {
services.openssh = { services.openssh = {
enable = true; enable = true;
permitRootLogin = "no";
passwordAuthentication = false; passwordAuthentication = false;
challengeResponseAuthentication = false; challengeResponseAuthentication = false;
}; };

View file

@ -42,6 +42,9 @@
}; };
networking.dhcpcd.allowInterfaces = [ "br0" ]; networking.dhcpcd.allowInterfaces = [ "br0" ];
services.openssh.extraConfig = ''
HostCertificate ${./starlight-cert.pub}
'';
# Filesystems # Filesystems
services.btrfs.autoScrub = { services.btrfs.autoScrub = {

View file

@ -0,0 +1 @@
ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIGUyWiAERR47rTR2lohChiKdU0kf4TtRvJ/KQtIGIqZDAAAAIH6tiVWFxibZuhoaZbqwlqjBm9x6k5hsY05/RXUgjNrxAAAAAAAAAAAAAAACAAAACXN0YXJsaWdodAAAACIAAAAec3RhcmxpZ2h0Lm1hbmVoYXR0YW4uYXJ0ZW0uaXN0AAAAAAAAAAD//////////wAAAAAAAAAAAAAAAAAAAJYAAAAic2stZWNkc2Etc2hhMi1uaXN0cDI1NkBvcGVuc3NoLmNvbQAAAAhuaXN0cDI1NgAAAEEEs2afp1TpC5y/FgHU6zq30W1HuH+QkYhwl1Rku/mJe4soLCq0pj8YQMIMObCTSSSaWCAQOgtKxMc0Oj1kuO8jSwAAABtzc2g6Y2FAbWFuZWhhdHRhbi5hcnRlbS5pc3QAAAB4AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAABJAAAAIQDoX9ScwnW7ZRlhE3MzamTHa7Z4XGFwKckZUkxFrWV+uAAAACAWZU7Mo4n5PtIj5OvXwVawot7aerV8KVNmGyT9tCFOlgEAAAAU root@starlight