sshd: Generate a ed25519 host key

This commit is contained in:
Eelco Dolstra 2015-02-23 16:46:45 +01:00
parent 8e4a8494be
commit b70bd0879b

View File

@ -195,12 +195,14 @@ in
default = default =
[ { path = "/etc/ssh/ssh_host_dsa_key"; [ { path = "/etc/ssh/ssh_host_dsa_key";
type = "dsa"; type = "dsa";
bits = 1024;
} }
{ path = "/etc/ssh/ssh_host_ecdsa_key"; { path = "/etc/ssh/ssh_host_ecdsa_key";
type = "ecdsa"; type = "ecdsa";
bits = 521; bits = 521;
} }
{ path = "/etc/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
]; ];
description = '' description = ''
NixOS can automatically generate SSH host keys. This option NixOS can automatically generate SSH host keys. This option
@ -323,7 +325,7 @@ in
${flip concatMapStrings cfg.hostKeys (k: '' ${flip concatMapStrings cfg.hostKeys (k: ''
if ! [ -f "${k.path}" ]; then if ! [ -f "${k.path}" ]; then
ssh-keygen -t "${k.type}" -b "${toString k.bits}" -f "${k.path}" -N "" ssh-keygen -t "${k.type}" ${if k ? bits then "-b ${toString k.bits}" else ""} -f "${k.path}" -N ""
fi fi
'')} '')}
''; '';