nixos/ssh: remove empty host key files before generating new ones
In a previous PR [1], the conditional to generate a new host key file was changed to also include the case when the file exists, but has zero size. This could occur when the system is uncleanly powered off shortly after first boot. However, ssh-keygen prompts the user before overwriting a file. For example: $ touch hi $ ssh-keygen -f hi Generating public/private rsa key pair. hi already exists. Overwrite (y/n)? So, lets just try to remove the empty file (if it exists) before running ssh-keygen. [1] https://github.com/NixOS/nixpkgs/pull/141258
This commit is contained in:
parent
8070351515
commit
ad38a2a646
1 changed files with 1 additions and 0 deletions
|
@ -441,6 +441,7 @@ in
|
||||||
|
|
||||||
${flip concatMapStrings cfg.hostKeys (k: ''
|
${flip concatMapStrings cfg.hostKeys (k: ''
|
||||||
if ! [ -s "${k.path}" ]; then
|
if ! [ -s "${k.path}" ]; then
|
||||||
|
rm -f "${k.path}"
|
||||||
ssh-keygen \
|
ssh-keygen \
|
||||||
-t "${k.type}" \
|
-t "${k.type}" \
|
||||||
${if k ? bits then "-b ${toString k.bits}" else ""} \
|
${if k ? bits then "-b ${toString k.bits}" else ""} \
|
||||||
|
|
Loading…
Reference in a new issue