From 6295e55eb82b85d54bffeb5d04dd9bdd4edb986c Mon Sep 17 00:00:00 2001
From: Jakob Lechner <mail@jalr.de>
Date: Wed, 17 Jul 2024 23:16:25 +0200
Subject: [PATCH] Allow only ed25519 host key

---
 modules/sshd.nix | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/modules/sshd.nix b/modules/sshd.nix
index 01b757a..a046574 100644
--- a/modules/sshd.nix
+++ b/modules/sshd.nix
@@ -23,6 +23,12 @@
       UseDns = false;
       X11Forwarding = false;
     };
+    hostKeys = [
+      {
+        path = "/etc/ssh/ssh_host_ed25519_key";
+        type = "ed25519";
+      }
+    ];
     authorizedKeysFiles = lib.mkForce [ "/etc/ssh/authorized_keys.d/%u" ];
   };
 }