From fc25753f7bc3f18aedb24f26da267b6c7b11bb22 Mon Sep 17 00:00:00 2001
From: Adithya Nair <adtya@adtya.xyz>
Date: Sat, 29 Jul 2023 15:22:56 +0530
Subject: [PATCH] create ssh host keys

---
 hosts/skipper/services/default.nix |  1 +
 hosts/skipper/services/ssh.nix     | 21 +++++++++++++++++++++
 2 files changed, 22 insertions(+)
 create mode 100644 hosts/skipper/services/ssh.nix

diff --git a/hosts/skipper/services/default.nix b/hosts/skipper/services/default.nix
index 68435d3..ddec889 100644
--- a/hosts/skipper/services/default.nix
+++ b/hosts/skipper/services/default.nix
@@ -5,6 +5,7 @@ in {
     ./dbus.nix
     ./pipewire.nix
     ./udev.nix
+    ./ssh.nix
   ];
   services = {
     blueman.enable = true;
diff --git a/hosts/skipper/services/ssh.nix b/hosts/skipper/services/ssh.nix
new file mode 100644
index 0000000..59ff254
--- /dev/null
+++ b/hosts/skipper/services/ssh.nix
@@ -0,0 +1,21 @@
+_: {
+  services.openssh = {
+    enable = true;
+    settings = {
+      PasswordAuthentication = false;
+      KbdInteractiveAuthentication = false;
+      PermitRootLogin = "no";
+    };
+    hostKeys = [
+      {
+        path = "/etc/ssh/keys/ssh_host_ed25519_key";
+        type = "ed25519";
+      }
+      {
+        path = "/etc/ssh/keys/ssh_host_rsa_key";
+        type = "rsa";
+        bits = "4096";
+      }
+    ];
+  };
+}