From d98f004eaabbe781e54489ccf48a292f15c7092b Mon Sep 17 00:00:00 2001
From: Artemis Tosini <me@artem.ist>
Date: Tue, 30 Aug 2022 16:24:39 +0000
Subject: [PATCH] Prefer SSH certificate host keys

---
 home/ssh/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/home/ssh/default.nix b/home/ssh/default.nix
index c7e0611..71cf536 100644
--- a/home/ssh/default.nix
+++ b/home/ssh/default.nix
@@ -14,7 +14,7 @@
       KexAlgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
       MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
       Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
-      HostKeyAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com
+      HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-256,rsa-sha2-512
       VerifyHostKeyDNS ask
       VisualHostKey yes
       UpdateHostKeys ask