nix/hosts/common/configs/user/console/ssh/default.nix

{
  user ? throw "user argument is required",
  home ? throw "home argument is required",
}:
{
  config,
  lib,
  pkgs,
  ...
}:
{
  environment.persistence."/persist"."${home}/.ssh/known_hosts" = { };

  home-manager.users.${user} = {
    programs.ssh = {
      enable = true;
      addKeysToAgent = "yes";
      userKnownHostsFile = "${home}/.ssh/known_hosts/default";
    };

    services.ssh-agent.enable = true;

    systemd.user.tmpfiles.rules = [
      "d ${home}/.ssh/known_hosts 0755 ${user} users"
    ];
  };
}