From 84a50a077eb550c699e30ee0f5767bd4bfac83be Mon Sep 17 00:00:00 2001 From: Timo Bingmann Date: Sun, 21 Sep 2025 20:35:01 -0700 Subject: [PATCH] add ssh-authorized-keys.nix for all hosts --- flake.nix | 1 + system/default/ssh-authorized-keys.nix | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 system/default/ssh-authorized-keys.nix diff --git a/flake.nix b/flake.nix index b4d3448..f109f48 100644 --- a/flake.nix +++ b/flake.nix @@ -16,6 +16,7 @@ ./system/default/nix.nix ./system/default/packages.nix ./system/default/prompt.nix + ./system/default/ssh-authorized-keys.nix ]; }; diff --git a/system/default/ssh-authorized-keys.nix b/system/default/ssh-authorized-keys.nix new file mode 100644 index 0000000..7bfaebc --- /dev/null +++ b/system/default/ssh-authorized-keys.nix @@ -0,0 +1,20 @@ +{ config, lib, ... }: +let + primaryUser = config.system.primaryUser or "tb"; + + ssh_key_tb1 = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQCt0MGma028Fnf9M3VrSZHz+Ieg6DE5WkKg7aqIjqIgYScjO+FXLGnp6bgRiWLOnxzJZqRU7kM3ttubCqgZ4dOKQHgx1je9CrWN45u2lm18H+J3YF9o+eUnLteoZr21tSLkszRyeMvAQbS9879eU/Y5HGv/Z73oes0+03UGNeMhQr8DWro9vBIBFVYUmwm5ie13mdM0mj1MEkvdyvwr15bXSpgIDynXvKuGZgnCFgFroO0y/8XtJkH7FD2qiLeRQ58FsGqVU1ap7YQGCfzfA+zWqDrNCAqMje/RA6S/cuVQV66KPbYkm82uxdF2PzNoR7xTbWmjNHJ0pAeYyUnWyHo/8R++GVnbi3Bw1XlsqACtJv4FK7hEobc6YUvkPw4Mrp6DKiNijOE38goiiCem5ldfaov8JEF8zUwXlkVOezFhSsWLRG1KhrYau0lzVsrTnRva5m++RH9b9WVru/yGpjXQr6vQa6uJOUi1UXdHPY6X45qDR2k2sTr/zLgE8HsPKPkF818k6TH7ogehrpfmKZtPprtks3f20K43EeY/nj3Adyh4JhvtgK0k3ageioTyizjqkuQuJCVXwl/+xVSgGYwNNHmIfldQrvlDcDYwNgsNvAv1SWdbX98LGGN1r+7WlkjWqX9fwlQPWPI+rMQi+LfUBc8TGSxNq2mCu7J+nfSRL5Kg+m4GrN8BrIa89qk6pgd3CTnT/dMTTz3sXbb0ZIF4Z3Q/VbA5eo40CTuhwEAPaktHpSxgo9zLmEQmMoPKMqgi3otSj2AHAlZNKUkxClbVvv7Cx9I5wXMLhLL5kGRtSVVwXwnDnh4WG4Vk0VRBYRQ9X12HkxFA3xAuUhOX9Y8witafapysrP9FuXb5dsFmfY48hCsSh+qPSqnNtl86P1rorEWrGNGSJg7noyRuxE/ykc5XbhIOiK5NC3wDP0xHVTeri9acwq6CmivRC1H/Sn1278GyvLTCe8Mew2WCAFmHKhIj/UZuFctFtSwbOx4JENQXEEODo22iLOO/I7Ia9QSHUW5CmdV+uH37laHCldSzw5f7MUTfTjmA1oVefEO/JnM0oCqX9sSxW8IuZ8vzQIqpZvz90OZ9s7l7VIpKLw0euZR5CpJlsQrE/8+BLyR6WdB+bvgxOovihGSXjPYh7fvYIkx/gW0xBFtbyW8Uuh+O+29QU3IfF6vKHOFxgtwhJLs90z5LUHd5aiwHfbWrcFwAjsaJJn7VKMwdPL6UW3E8kGYrrZfcI5Wws5jJHoc9TRdb4aPjx/tqwlQ3AaYqtGKryM/ZR2dY3xRebnRjMtU/6d4IFSNM4iapUUQQpgPGP9ah3qzzKU/jhqP/Cx1w4pBCV8avEsSO+M49ah8hrNdT"; +{ + # Allow root login with `tb1` ssh key. + users.users.root = { + openssh.authorizedKeys.keys = lib.mkDefault [ + ssh_key_tb1 + ]; + }; + + # Allow primary user login with `tb1` ssh key. + users.users."${primaryUser}" = { + openssh.authorizedKeys.keys = lib.mkDefault [ + ssh_key_tb1 + ]; + }; +}