summaryrefslogtreecommitdiff
path: root/hosts/muhammed/dev-vm/configuration/ssh.nix
diff options
context:
space:
mode:
Diffstat (limited to 'hosts/muhammed/dev-vm/configuration/ssh.nix')
-rw-r--r--hosts/muhammed/dev-vm/configuration/ssh.nix24
1 files changed, 24 insertions, 0 deletions
diff --git a/hosts/muhammed/dev-vm/configuration/ssh.nix b/hosts/muhammed/dev-vm/configuration/ssh.nix
new file mode 100644
index 0000000..fbafc62
--- /dev/null
+++ b/hosts/muhammed/dev-vm/configuration/ssh.nix
@@ -0,0 +1,24 @@
+{...}: {
+ services.openssh.enable = true;
+
+ # Allow incomming connections from the VM host.
+ users.users.linus.openssh.authorizedKeys.keyFiles = [(toString ../keys/ssh_vmhost_ed25519_key.pub)];
+
+ # Don't generate any host keys automatically. We will use these hardcoded
+ # ones instead. Storing keys in plaintext would normally be SUPER SUPER BAD
+ # but in this case it doesn't matter, since it's just a local VM.
+ services.openssh.hostKeys = [];
+
+ # Install the very public private key.
+ environment.etc = {
+ # Note the seemingly reversed file names: "host" in this filename is relative to the VM guest.
+ "ssh/ssh_host_ed25519_key" = {
+ mode = "0600";
+ source = ../keys/ssh_vmguest_ed25519_key;
+ };
+ "ssh/ssh_host_ed25519_key.pub" = {
+ mode = "0644";
+ source = ../keys/ssh_vmguest_ed25519_key.pub;
+ };
+ };
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-07 23:28:55 +0000