diff --git a/hosts/common/optional/distributed_builds/local-machine.nix b/hosts/common/optional/distributed_builds/local-machine.nix
index f24f49a..6849490 100644
--- a/hosts/common/optional/distributed_builds/local-machine.nix
+++ b/hosts/common/optional/distributed_builds/local-machine.nix
@@ -1,5 +1,5 @@
 {
-  secrets = {
+  sops.secrets = {
     "ssh_keys/root/remotebuild" = {
       path = "/root/.ssh/remotebuild";
     };
diff --git a/hosts/common/optional/distributed_builds/remote-builder-machine.nix b/hosts/common/optional/distributed_builds/remote-builder-machine.nix
index e472374..74a33cf 100644
--- a/hosts/common/optional/distributed_builds/remote-builder-machine.nix
+++ b/hosts/common/optional/distributed_builds/remote-builder-machine.nix
@@ -1,15 +1,12 @@
 {
-  secrets = {
-    "ssh_keys/root/remotebuild.pub" = {
-      path = "/root/.ssh/remotebuild.pub";
-    };
-  };
   users.users.remotebuild = {
     isNormalUser = true;
     createHome = false;
     group = "remotebuild";
 
-    openssh.authorizedKeys.keyFiles = [/root/.ssh/remotebuild.pub];
+    openssh.authorizedKeys.keyFiles = [
+      ./remotebuild.pub
+    ];
   };
 
   users.groups.remotebuild = {};
diff --git a/hosts/common/optional/distributed_builds/remotebuild.pub b/hosts/common/optional/distributed_builds/remotebuild.pub
new file mode 100644
index 0000000..c903dff
--- /dev/null
+++ b/hosts/common/optional/distributed_builds/remotebuild.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPUPnjP4eql1QT4b9ewbyy7Dyk26PrlQlilO7/RBKCHz remote