diff options
author | Matthias Treydte <mt@waldheinz.de> | 2021-10-12 12:21:53 +0200 |
---|---|---|
committer | Matthias Treydte <mt@waldheinz.de> | 2021-10-12 12:25:38 +0200 |
commit | 97e61a071d950a107f99dd8578ed13f874463649 (patch) | |
tree | 027b3af220ca879f1911a576fd7179ce36e9f5ed /nixos/modules/services/networking | |
parent | 8da58db50b0b7cd53da7c57982a5e8bbc3ebb0e5 (diff) | |
download | nixpkgs-97e61a071d950a107f99dd8578ed13f874463649.tar nixpkgs-97e61a071d950a107f99dd8578ed13f874463649.tar.gz nixpkgs-97e61a071d950a107f99dd8578ed13f874463649.tar.bz2 nixpkgs-97e61a071d950a107f99dd8578ed13f874463649.tar.lz nixpkgs-97e61a071d950a107f99dd8578ed13f874463649.tar.xz nixpkgs-97e61a071d950a107f99dd8578ed13f874463649.tar.zst nixpkgs-97e61a071d950a107f99dd8578ed13f874463649.zip |
nixos/ssh: take care not to accept empty host key files
In case of a power loss shortly after first boot, the host keys gernerated by ssh-keygen could exist in the file system but have zero size, preventing sshd from starting up. This commit changes the behaviour to generate host keys if the file either does not exist or has zero size, fixing the problem on the next boot. Thanks to @SuperSandro2000 for figuring this out.
Diffstat (limited to 'nixos/modules/services/networking')
-rw-r--r-- | nixos/modules/services/networking/ssh/sshd.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index 192533e52de..004b4f99670 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -439,7 +439,7 @@ in mkdir -m 0755 -p /etc/ssh ${flip concatMapStrings cfg.hostKeys (k: '' - if ! [ -f "${k.path}" ]; then + if ! [ -s "${k.path}" ]; then ssh-keygen \ -t "${k.type}" \ ${if k ? bits then "-b ${toString k.bits}" else ""} \ |