From c833c68d83b4fdc864c11fa009f544ce4d18692f Mon Sep 17 00:00:00 2001 From: colin Date: Mon, 24 Oct 2022 01:33:01 -0700 Subject: [PATCH] move ssh pubkeys into their own file for future reuse --- modules/universal/pubkeys.nix | 9 +++++++++ modules/universal/users.nix | 10 +--------- 2 files changed, 10 insertions(+), 9 deletions(-) create mode 100644 modules/universal/pubkeys.nix diff --git a/modules/universal/pubkeys.nix b/modules/universal/pubkeys.nix new file mode 100644 index 00000000..98bf3612 --- /dev/null +++ b/modules/universal/pubkeys.nix @@ -0,0 +1,9 @@ +# create ssh key by running: +# - `ssh-keygen -t ed25519` +{ + lappy = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDpmFdNSVPRol5hkbbCivRhyeENzb9HVyf9KutGLP2Zu colin@lappy"; + desko = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPU5GlsSfbaarMvDA20bxpSZGWviEzXGD8gtrIowc1pX colin@desko"; + servo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPS1qFzKurAdB9blkWomq8gI1g0T3sTs9LsmFOj5VtqX colin@servo"; + moby = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICrR+gePnl0nV/vy7I5BzrGeyVL+9eOuXHU1yNE3uCwU colin@moby"; +} + diff --git a/modules/universal/users.nix b/modules/universal/users.nix index ef51a97a..55e72c0a 100644 --- a/modules/universal/users.nix +++ b/modules/universal/users.nix @@ -50,15 +50,7 @@ in passwordFile = lib.mkIf (config.sops.secrets ? "colin-passwd") config.sops.secrets.colin-passwd.path; shell = pkgs.zsh; - # shell = pkgs.bashInteractive; - # XXX colin: create ssh key for THIS user by logging in and running: - # ssh-keygen -t ed25519 - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDpmFdNSVPRol5hkbbCivRhyeENzb9HVyf9KutGLP2Zu colin@lappy" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPU5GlsSfbaarMvDA20bxpSZGWviEzXGD8gtrIowc1pX colin@desko" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPS1qFzKurAdB9blkWomq8gI1g0T3sTs9LsmFOj5VtqX colin@servo" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICrR+gePnl0nV/vy7I5BzrGeyVL+9eOuXHU1yNE3uCwU colin@moby" - ]; + openssh.authorizedKeys.keys = builtins.attrValues (import ./pubkeys.nix); pamMount = { # mount encrypted stuff at login