From 1afc9397b874eb69eb829e498b01d86ac2d7cf41 Mon Sep 17 00:00:00 2001 From: Bun Date: Sun, 23 Mar 2025 13:13:21 -0400 Subject: [PATCH 1/2] i give [myself everything [i] need to succeed and [i] still fail always --- hosts/kitty/users/corn/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/kitty/users/corn/default.nix b/hosts/kitty/users/corn/default.nix index ea829026..a3f42026 100644 --- a/hosts/kitty/users/corn/default.nix +++ b/hosts/kitty/users/corn/default.nix @@ -4,8 +4,8 @@ isNormalUser = true; createHome = true; openssh.authorizedKeys.keys = [ - "AAAAC3NzaC1lZDI1NTE5AAAAIBCADciME1/rtWOlR2BxaAkRSgIZt61SYOgjTi6hw+yS Chinook" - "AAAAC3NzaC1lZDI1NTE5AAAAICtoHVAmq8Ps7EguBsV3VY4snagzkhH6aXqwbKzuGs2H Radiant" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKaZsnlyUJDNx2oK4iHsUDb+Ok4vg1jNYEAnoHsjjM2c Chinook" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICtoHVAmq8Ps7EguBsV3VY4snagzkhH6aXqwbKzuGs2H Radiant" ]; uid = 1001; shell = pkgs.zsh; From d331407b7e394ab4e472eab00ed2f8e1148ad491 Mon Sep 17 00:00:00 2001 From: Bun Date: Sun, 23 Mar 2025 13:30:00 -0400 Subject: [PATCH 2/2] Actually make this passwordless auth bullshit work --- hosts/kitty/users/corn/default.nix | 2 +- modules/system/services/general/ssh/default.nix | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/hosts/kitty/users/corn/default.nix b/hosts/kitty/users/corn/default.nix index a3f42026..55cf01e1 100644 --- a/hosts/kitty/users/corn/default.nix +++ b/hosts/kitty/users/corn/default.nix @@ -4,7 +4,7 @@ isNormalUser = true; createHome = true; openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKaZsnlyUJDNx2oK4iHsUDb+Ok4vg1jNYEAnoHsjjM2c Chinook" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBCADciME1/rtWOlR2BxaAkRSgIZt61SYOgjTi6hw+yS Chinook" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICtoHVAmq8Ps7EguBsV3VY4snagzkhH6aXqwbKzuGs2H Radiant" ]; uid = 1001; diff --git a/modules/system/services/general/ssh/default.nix b/modules/system/services/general/ssh/default.nix index ec13d9c9..b7fa7ca8 100644 --- a/modules/system/services/general/ssh/default.nix +++ b/modules/system/services/general/ssh/default.nix @@ -8,11 +8,12 @@ PermitRootLogin = lib.mkForce "no"; PrintLastLog = "no"; PasswordAuthentication = false; - UsePAM = false; - X11Forwarding = false; + PermitEmptyPasswords = true; }; }; + security.pam.services.sshd.allowNullPassword = true; + environment.persistence."/persist".files = [ "/etc/ssh/ssh_host_ed25519_key" "/etc/ssh/ssh_host_ed25519_key.pub"