diff --git a/hosts/bootstrap/default.nix b/hosts/bootstrap/default.nix index 088aff6..fd86aea 100644 --- a/hosts/bootstrap/default.nix +++ b/hosts/bootstrap/default.nix @@ -1,4 +1,7 @@ { inputs, config, lib, pkgs, outputs,... }: +let + pubKeys = lib.filesystem.listFilesRecursive (../common/users/keys); +in { imports = [ @@ -51,6 +54,7 @@ users = { mutableUsers = true; + openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key); extraUsers = { root = { initialPassword = "1234"; @@ -86,7 +90,7 @@ IdentitiesOnly yes StrictHostKeyChecking no IdentityFile /etc/ssh/deploy_key-ssh-ed25519 - '' + ''; security.pam = { sshAgentAuth.enable = true;