diff options
| author | Alan Pearce | 2024-12-28 18:39:13 +0100 |
|---|---|---|
| committer | Alan Pearce | 2024-12-28 18:39:13 +0100 |
| commit | 7b7960b098be7d6092df90ed9d9d7e6c02fa33a8 (patch) | |
| tree | 43846f73e8e3da180481daa60bf9247180b00d8e /system | |
| parent | 488cd1c8a8a28cecb6d48fae306fa61bc9a9489a (diff) | |
| download | nixfiles-7b7960b098be7d6092df90ed9d9d7e6c02fa33a8.tar.lz nixfiles-7b7960b098be7d6092df90ed9d9d7e6c02fa33a8.tar.zst nixfiles-7b7960b098be7d6092df90ed9d9d7e6c02fa33a8.zip | |
update ssh keys
Diffstat (limited to 'system')
| -rw-r--r-- | system/linde.nix | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/system/linde.nix b/system/linde.nix index 68bcac43..2ca59842 100644 --- a/system/linde.nix +++ b/system/linde.nix @@ -83,7 +83,7 @@ in services.openssh = { enable = true; settings = { - PermitRootLogin = "no"; + PermitRootLogin = "without-password"; PasswordAuthentication = false; KbdInteractiveAuthentication = false; }; @@ -298,9 +298,14 @@ in ''; }; programs.zsh.enable = true; - users.users.root.shell = "${pkgs.fish}/bin/fish"; + users.users.root = { + shell = "/run/current-system/sw/bin/fish"; + openssh.authorizedKeys.keys = [ + "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHYUyDdw92TNXguAxcmcmZmn/7ECGdRp6ckjxU+5zCw3BCnsS5+xEvHBVnnFdJRoH2XpfMeJjE+fi67zFVhlbn4= root@secretive.marvin" + ]; + }; users.users.alan = { - shell = "${pkgs.fish}/bin/fish"; + shell = "/run/current-system/sw/bin/fish"; extraGroups = [ "wheel" "caddy" "docker" "laminar" ]; isNormalUser = true; home = "/home/alan"; @@ -308,7 +313,7 @@ in openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII8VIII+598QOBxi/52O1Kb19RdUdX0aZmS1/dNoyqc5 alan@hetzner.strongbox" - "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEsD23eNmxBQj+FCxXXvSAX9U+9HPLKei95vdHPGWbyA5TVlD0N8ROxcfRwDepaQfCqOxEchh7liLAivI1PRCd0= secretive@macbook-pro" + "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJVREjPey2TOIPzfYJoG9yIR4Rui7tNJK2QIKa+pbgsyXg31hhPIw37LRRIic+l53mW8eahHxX3Y1IeTjcMw8IU= alan@secretive.marvin" ]; }; |