From 66ba64801f4e12c34fdbcb8e5b0576d3442d3915 Mon Sep 17 00:00:00 2001 From: hektor Date: Tue, 12 May 2026 13:05:05 +0200 Subject: [PATCH] fix(ssh): automate preference for hardware backed ssh keys --- modules/ssh/extract-keys.nix | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/modules/ssh/extract-keys.nix b/modules/ssh/extract-keys.nix index 0b12fb96..430b091c 100644 --- a/modules/ssh/extract-keys.nix +++ b/modules/ssh/extract-keys.nix @@ -14,8 +14,16 @@ in chmod 644 "$HOST_DIR/ssh_host.pub" fi - USER_KEY="/home/${username}/.ssh/id_ed25519.pub" - if [ -f "$USER_KEY" ] && [ -d "$HOST_DIR" ]; then + USER_KEY="" + for candidate in \ + "/home/${username}/.ssh/id_ed25519_sk.pub" \ + "/home/${username}/.ssh/id_ed25519.pub"; do + if [ -f "$candidate" ]; then + USER_KEY="$candidate" + break + fi + done + if [ -n "$USER_KEY" ] && [ -d "$HOST_DIR" ]; then cp "$USER_KEY" "$HOST_DIR/ssh_user.pub" chown ${username}:users "$HOST_DIR/ssh_user.pub" chmod 644 "$HOST_DIR/ssh_user.pub"