From ae92ed5df79d894af9f4ed85be8d1281f4755761 Mon Sep 17 00:00:00 2001
From: Soispha
Date: Tue, 4 Jul 2023 08:53:24 +0200
Subject: Fix(system/services/openssh): Don't hash know hosts

The trade off between security and convenience isn't worth it.
---
 home-manager/config/ssh/default.nix | 8 ++------
 system/services/openssh/default.nix | 6 +-----
 2 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/home-manager/config/ssh/default.nix b/home-manager/config/ssh/default.nix
index 31784050..8e0820cf 100644
--- a/home-manager/config/ssh/default.nix
+++ b/home-manager/config/ssh/default.nix
@@ -1,12 +1,8 @@
-{
- config,
- pkgs,
- ...
-}: {
+{config, ...}: {
 programs.ssh = {
 enable = true;
 compression = true;
- hashKnownHosts = true;
+ hashKnownHosts = false;
 serverAliveInterval = 240;
 userKnownHostsFile = "${config.xdg.dataHome}/ssh/know_hosts";
 };
diff --git a/system/services/openssh/default.nix b/system/services/openssh/default.nix
index 5ee48a0c..b733dbe7 100644
--- a/system/services/openssh/default.nix
+++ b/system/services/openssh/default.nix
@@ -1,8 +1,4 @@
-{
- config,
- pkg,
- ...
-}: {
+{...}: {
 services.openssh = {
 enable = true;
 hostKeys = [
-- 
cgit 1.4.1
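Review bot: `hashKnownHosts = false;` in the `programs.ssh` block of home-manager/config/ssh/default.nix has no comment recording why hashing is off, so a later reader cannot tell a deliberate choice from an oversight. With hashing disabled, every host name and address the user connects to is written in clear text to the file named by `userKnownHostsFile`, and anything that can read that file learns the host list; I would say so above the option, e.g. `# Plain-text known_hosts on purpose: entries stay readable and greppable, at the cost of exposing the host list to whoever can read this file.` Entries that were already stored hashed stay hashed, because the option only affects hosts added afterwards, so the file will be mixed until those hosts are re-learned. `false` also appears to be the default for this setting, so the explicit line serves mainly as documentation of intent.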