From: Skullheadx Date: Tue, 2 Jun 2026 01:52:21 +0000 (-0400) Subject: ssh known hosts X-Git-Url: http://git.skullheadx.com/nixos/static/gitweb.js?a=commitdiff_plain;h=776dd620c8c87562980b9520c8730c3245fdf0b5;p=nixos.git ssh known hosts --- diff --git a/hosts/icon/configuration.nix b/hosts/icon/configuration.nix index e8862cd..8261edf 100644 --- a/hosts/icon/configuration.nix +++ b/hosts/icon/configuration.nix @@ -9,6 +9,23 @@ ./../../vim.nix ]; + programs.ssh = { + knownHosts = { + desktop = { + extraHostNames = ["192.168.1.122"]; + publicKeyFile = ./../../pubkeys/desktop_ssh.pub; + }; + vps = { + extraHostNames = ["170.205.37.7"]; + publicKeyFile = ./../../pubkeys/vps_ssh.pub; + }; + github = { + extraHostNames = ["github.com"]; + publicKeyFile = ./../../pubkeys/github_ssh.pub; + }; + }; + }; + users.groups.git = {}; users.users.nginx.extraGroups = ["git"]; systemd.services.nginx.serviceConfig = { @@ -34,9 +51,7 @@ home = "/srv/git"; createHome = true; homeMode = "755"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPfIZMlXeTEi0YoOq36WNo6xPoolqvoS77ygtKaySkoG admonty1@protonmail.com" - ]; + openssh.authorizedKeys.keyFiles = [../../pubkeys/desktop_ssh.pub]; }; }; diff --git a/hosts/nepsis/configuration.nix b/hosts/nepsis/configuration.nix index bfff0bd..e5d503d 100644 --- a/hosts/nepsis/configuration.nix +++ b/hosts/nepsis/configuration.nix @@ -17,6 +17,34 @@ networking.hostName = "nepsis"; # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + programs.ssh = { + knownHosts = { + homelab = { + extraHostNames = ["192.168.1.120"]; + publicKeyFile = ./../../pubkeys/homelab_ssh.pub; + }; + vps = { + extraHostNames = ["170.205.37.7"]; + publicKeyFile = ./../../pubkeys/vps_ssh.pub; + }; + github = { + extraHostNames = ["github.com"]; + publicKeyFile = ./../../pubkeys/github_ssh.pub; + }; + }; + extraConfig = '' + Host git-vps + HostName git.skullheadx.com + Port 2222 + User git + Host git.skullheadx.com + HostName localhost + Port 2223 + User git + ProxyJump git-vps + ''; + }; + # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; @@ -63,20 +91,6 @@ }; }; - programs.ssh = { - extraConfig = '' - Host git-vps - HostName git.skullheadx.com - Port 2222 - User git - Host git.skullheadx.com - HostName localhost - Port 2223 - User git - ProxyJump git-vps - ''; - }; - programs.steam = { enable = true; remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play diff --git a/pubkeys/desktop_ssh.pub b/pubkeys/desktop_ssh.pub new file mode 100644 index 0000000..ca0309d --- /dev/null +++ b/pubkeys/desktop_ssh.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPfIZMlXeTEi0YoOq36WNo6xPoolqvoS77ygtKaySkoG admonty1@protonmail.com diff --git a/pubkeys/github_ssh.pub b/pubkeys/github_ssh.pub new file mode 100644 index 0000000..fe00342 --- /dev/null +++ b/pubkeys/github_ssh.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl diff --git a/pubkeys/homelab_ssh.pub b/pubkeys/homelab_ssh.pub new file mode 100644 index 0000000..892130e --- /dev/null +++ b/pubkeys/homelab_ssh.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICNyrIlDrgoPqQNP8gG/zkNb/UQ8VekF4sz4ktaLzjWZ diff --git a/pubkeys/vps_ssh.pub b/pubkeys/vps_ssh.pub new file mode 100644 index 0000000..b88b746 --- /dev/null +++ b/pubkeys/vps_ssh.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIeDkJzsi8H5Y2tDdb29T9v8UKjjzusVN8D3g/V+CM1W