Fix(system/services/openssh): Don't hash know hosts

The trade off between security and convenience isn't worth it.
author: Soispha <soispha@vhack.eu> 2023-07-04 08:53:24 +0200
committer: Soispha <soispha@vhack.eu> 2023-07-04 08:59:26 +0200
commit: ae92ed5df79d894af9f4ed85be8d1281f4755761 (patch)
tree: 36b7adea9e7a3451ea5782401732ffd0aa90da8c
parent: Build(treewide): Update (diff)
download: nixos-config-ae92ed5df79d894af9f4ed85be8d1281f4755761.zip
2 files changed, 3 insertions, 11 deletions
diff --git a/home-manager/config/ssh/default.nix b/home-manager/config/ssh/default.nix
index 31784050..8e0820cf 100644
--- a/home-manager/config/ssh/default.nix
+++ b/home-manager/config/ssh/default.nix
@@ -1,12 +1,8 @@
-{
-  config,
-  pkgs,
-  ...
-}: {
+{config, ...}: {
   programs.ssh = {
     enable = true;
     compression = true;
-    hashKnownHosts = true;
+    hashKnownHosts = false;
     serverAliveInterval = 240;
     userKnownHostsFile = "${config.xdg.dataHome}/ssh/know_hosts";
   };
diff --git a/system/services/openssh/default.nix b/system/services/openssh/default.nix
index 5ee48a0c..b733dbe7 100644
--- a/system/services/openssh/default.nix
+++ b/system/services/openssh/default.nix
@@ -1,8 +1,4 @@
-{
-  config,
-  pkg,
-  ...
-}: {
+{...}: {
   services.openssh = {
     enable = true;
     hostKeys = [
author	Soispha <soispha@vhack.eu>	2023-07-04 08:53:24 +0200
committer	Soispha <soispha@vhack.eu>	2023-07-04 08:59:26 +0200
commit	ae92ed5df79d894af9f4ed85be8d1281f4755761 (patch)
tree	36b7adea9e7a3451ea5782401732ffd0aa90da8c
parent	Build(treewide): Update (diff)
download	nixos-config-ae92ed5df79d894af9f4ed85be8d1281f4755761.zip