Fix SSH known hosts handling

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-02-13 14:22:07 +00:00
parent c907cdeca6
commit e9833141ad
6 changed files with 2 additions and 31 deletions
--- a/hosts/common/configs/user/console/ssh/default.nix
+++ b/hosts/common/configs/user/console/ssh/default.nix
@@ -9,15 +9,12 @@
  ...
 }:
 {
+  environment.persistence."/persist"."${home}/.ssh/known_hosts" = { };
+
  home-manager.users.${user} = {
    programs.ssh = {
      enable = true;
      addKeysToAgent = "yes";
-      userKnownHostsFile = lib.strings.concatStringsSep " " [
-        ../../../../../installer/secrets/ssh_host_ed25519_key.pub
-        ../../../../../eirene/secrets/ssh_host_ed25519_key.pub
-        ../../../../../elara/secrets/ssh_host_ed25519_key.pub
-      ];
    };

    services.ssh-agent.enable = true;
--- a/hosts/eirene/users/nick/configs/console/git/default.nix
+++ b/hosts/eirene/users/nick/configs/console/git/default.nix
@@ -21,10 +21,6 @@
        hostname = "github.com";
        user = "git";
        identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
-        extraOptions = {
-          StrictHostKeyChecking = "no";
-          UserKnownHostsFile = "/dev/null";
-        };
      };
    };
  };
--- a/hosts/elara/configs/git/default.nix
+++ b/hosts/elara/configs/git/default.nix
@@ -11,12 +11,10 @@
      User git
      HostName github.com
      IdentityFile /root/.ssh/ssh_sas_ed25519_key
-      StrictHostKeyChecking no

    Host gitlab.sas.com
      User git
      HostName gitlab.sas.com
      IdentityFile /root/.ssh/ssh_sas_ed25519_key
-      StrictHostKeyChecking no
  '';
 }
--- a/hosts/elara/users/nikara/configs/console/git/default.nix
+++ b/hosts/elara/users/nikara/configs/console/git/default.nix
@@ -25,20 +25,12 @@
          "${home}/.ssh/ssh_sas_ed25519_key"
          "${home}/.ssh/ssh_personal_ed25519_key"
        ];
-        extraOptions = {
-          StrictHostKeyChecking = "no";
-          UserKnownHostsFile = "/dev/null";
-        };
      };

      "gitlab.sas.com" = {
        hostname = "gitlab.sas.com";
        user = "git";
        identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
-        extraOptions = {
-          StrictHostKeyChecking = "no";
-          UserKnownHostsFile = "/dev/null";
-        };
      };

      "gerrit-svi.unx.sas.com" = {
@@ -46,10 +38,6 @@
        user = "nikara";
        port = 29418;
        identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
-        extraOptions = {
-          StrictHostKeyChecking = "no";
-          UserKnownHostsFile = "/dev/null";
-        };
      };
    };
  };
--- a/hosts/elara/users/nikara/configs/console/ssh/default.nix
+++ b/hosts/elara/users/nikara/configs/console/ssh/default.nix
@@ -9,10 +9,6 @@
      inherit user;
      hostname = "cldlgn.fyi.sas.com";
      identityFile = "${home}/.ssh/ssh_sas_ed25519_key";
-      extraOptions = {
-        StrictHostKeyChecking = "no";
-        UserKnownHostsFile = "/dev/null";
-      };
    };
  };
 }
--- a/hosts/installer/users/nick/configs/console/git/default.nix
+++ b/hosts/installer/users/nick/configs/console/git/default.nix
@@ -22,10 +22,6 @@
        hostname = "github.com";
        user = "git";
        identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
-        extraOptions = {
-          StrictHostKeyChecking = "no";
-          UserKnownHostsFile = "/dev/null";
-        };
      };
    };
  };