sshd: Generate a ed25519 host key

2015-02-23 16:46:45 +01:00 · 2015-02-23 16:46:45 +01:00 · b70bd0879b
commit b70bd0879b
parent 8e4a8494be
1 changed files with 4 additions and 2 deletions
--- a/nixos/modules/services/networking/ssh/sshd.nix
+++ b/nixos/modules/services/networking/ssh/sshd.nix
@ -195,12 +195,14 @@ in
        default =
          [ { path = "/etc/ssh/ssh_host_dsa_key";
              type = "dsa";
-              bits = 1024;
            }
            { path = "/etc/ssh/ssh_host_ecdsa_key";
              type = "ecdsa";
              bits = 521;
            }
+            { path = "/etc/ssh/ssh_host_ed25519_key";
+              type = "ed25519";
+            }
          ];
        description = ''
          NixOS can automatically generate SSH host keys.  This option
@ -323,7 +325,7 @@ in

                ${flip concatMapStrings cfg.hostKeys (k: ''
                  if ! [ -f "${k.path}" ]; then
-                      ssh-keygen -t "${k.type}" -b "${toString k.bits}" -f "${k.path}" -N ""
+                      ssh-keygen -t "${k.type}" ${if k ? bits then "-b ${toString k.bits}" else ""} -f "${k.path}" -N ""
                  fi
                '')}
              '';