From e9833141ad6888660ea06a962fc22344d0e7646a Mon Sep 17 00:00:00 2001 From: Nikolaos Karaolidis Date: Thu, 13 Feb 2025 14:22:07 +0000 Subject: [PATCH] Fix SSH known hosts handling Signed-off-by: Nikolaos Karaolidis --- hosts/common/configs/user/console/ssh/default.nix | 7 ++----- .../users/nick/configs/console/git/default.nix | 4 ---- hosts/elara/configs/git/default.nix | 2 -- .../users/nikara/configs/console/git/default.nix | 12 ------------ .../users/nikara/configs/console/ssh/default.nix | 4 ---- .../users/nick/configs/console/git/default.nix | 4 ---- 6 files changed, 2 insertions(+), 31 deletions(-) diff --git a/hosts/common/configs/user/console/ssh/default.nix b/hosts/common/configs/user/console/ssh/default.nix index d6aa172..4067000 100644 --- a/hosts/common/configs/user/console/ssh/default.nix +++ b/hosts/common/configs/user/console/ssh/default.nix @@ -9,15 +9,12 @@ ... }: { + environment.persistence."/persist"."${home}/.ssh/known_hosts" = { }; + home-manager.users.${user} = { programs.ssh = { enable = true; addKeysToAgent = "yes"; - userKnownHostsFile = lib.strings.concatStringsSep " " [ - ../../../../../installer/secrets/ssh_host_ed25519_key.pub - ../../../../../eirene/secrets/ssh_host_ed25519_key.pub - ../../../../../elara/secrets/ssh_host_ed25519_key.pub - ]; }; services.ssh-agent.enable = true; diff --git a/hosts/eirene/users/nick/configs/console/git/default.nix b/hosts/eirene/users/nick/configs/console/git/default.nix index 9b0dbef..93e742f 100644 --- a/hosts/eirene/users/nick/configs/console/git/default.nix +++ b/hosts/eirene/users/nick/configs/console/git/default.nix @@ -21,10 +21,6 @@ hostname = "github.com"; user = "git"; identityFile = "${home}/.ssh/ssh_personal_ed25519_key"; - extraOptions = { - StrictHostKeyChecking = "no"; - UserKnownHostsFile = "/dev/null"; - }; }; }; }; diff --git a/hosts/elara/configs/git/default.nix b/hosts/elara/configs/git/default.nix index bf0ef90..a7a2013 100644 --- a/hosts/elara/configs/git/default.nix +++ b/hosts/elara/configs/git/default.nix @@ -11,12 +11,10 @@ User git HostName github.com IdentityFile /root/.ssh/ssh_sas_ed25519_key - StrictHostKeyChecking no Host gitlab.sas.com User git HostName gitlab.sas.com IdentityFile /root/.ssh/ssh_sas_ed25519_key - StrictHostKeyChecking no ''; } diff --git a/hosts/elara/users/nikara/configs/console/git/default.nix b/hosts/elara/users/nikara/configs/console/git/default.nix index c62e22e..5edce76 100644 --- a/hosts/elara/users/nikara/configs/console/git/default.nix +++ b/hosts/elara/users/nikara/configs/console/git/default.nix @@ -25,20 +25,12 @@ "${home}/.ssh/ssh_sas_ed25519_key" "${home}/.ssh/ssh_personal_ed25519_key" ]; - extraOptions = { - StrictHostKeyChecking = "no"; - UserKnownHostsFile = "/dev/null"; - }; }; "gitlab.sas.com" = { hostname = "gitlab.sas.com"; user = "git"; identityFile = "${home}/.ssh/ssh_sas_ed25519_key"; - extraOptions = { - StrictHostKeyChecking = "no"; - UserKnownHostsFile = "/dev/null"; - }; }; "gerrit-svi.unx.sas.com" = { @@ -46,10 +38,6 @@ user = "nikara"; port = 29418; identityFile = "${home}/.ssh/ssh_sas_ed25519_key"; - extraOptions = { - StrictHostKeyChecking = "no"; - UserKnownHostsFile = "/dev/null"; - }; }; }; }; diff --git a/hosts/elara/users/nikara/configs/console/ssh/default.nix b/hosts/elara/users/nikara/configs/console/ssh/default.nix index c8f68dc..08cf691 100644 --- a/hosts/elara/users/nikara/configs/console/ssh/default.nix +++ b/hosts/elara/users/nikara/configs/console/ssh/default.nix @@ -9,10 +9,6 @@ inherit user; hostname = "cldlgn.fyi.sas.com"; identityFile = "${home}/.ssh/ssh_sas_ed25519_key"; - extraOptions = { - StrictHostKeyChecking = "no"; - UserKnownHostsFile = "/dev/null"; - }; }; }; } diff --git a/hosts/installer/users/nick/configs/console/git/default.nix b/hosts/installer/users/nick/configs/console/git/default.nix index 9397663..052a8b0 100644 --- a/hosts/installer/users/nick/configs/console/git/default.nix +++ b/hosts/installer/users/nick/configs/console/git/default.nix @@ -22,10 +22,6 @@ hostname = "github.com"; user = "git"; identityFile = "${home}/.ssh/ssh_personal_ed25519_key"; - extraOptions = { - StrictHostKeyChecking = "no"; - UserKnownHostsFile = "/dev/null"; - }; }; }; };