forked from mirrors/nixpkgs
262447705c
The programs.ssh.knownHosts.*.publicKeyFile is broken, because it's scoped to a set of host names, but to insert those host names on each line of the file we'd have to parse out blank lines and comments, so only the first line works. It would be much easier all round if users just provided known hosts files in the normal format, and we pointed ssh directly to them. This way, it would be possible to have multiple keys for a single host (which is extremely common due to multiple algorithms being commonplace). We add an option for this instead of relying on extraConfig, because we need to make sure /etc/ssh/ssh_known_hosts is always included to ensure programs.ssh.knownHosts keeps working. /etc/ssh/ssh_known_hosts2 is another OpenSSH default that seems a bit weird, but there's no real reason to change that so we'll leave it. |
||
|---|---|---|
| .. | ||
| config | ||
| hardware | ||
| i18n/input-method | ||
| installer | ||
| misc | ||
| profiles | ||
| programs | ||
| security | ||
| services | ||
| system | ||
| tasks | ||
| testing | ||
| virtualisation | ||
| module-list.nix | ||
| rename.nix | ||