services.openssh.hostKeys

NixOS can automatically generate SSH host keys. This option specifies the path, type and size of each key. See ssh-keygen(1) for supported types and sizes.

Declarations

nixos/modules/services/networking/ssh/sshd.nix

Type

list of (attribute set)

Default

[
  {
    bits = 4096;
    path = "/etc/ssh/ssh_host_rsa_key";
    type = "rsa";
  }
  {
    path = "/etc/ssh/ssh_host_ed25519_key";
    type = "ed25519";
  }
]

Example

[
  {
    bits = 4096;
    openSSHFormat = true;
    path = "/etc/ssh/ssh_host_rsa_key";
    rounds = 100;
    type = "rsa";
  }
  {
    comment = "key comment";
    path = "/etc/ssh/ssh_host_ed25519_key";
    rounds = 100;
    type = "ed25519";
  }
]