Be more adamant about replacing the default SSH pubkey
This commit is contained in:
parent
40a96ea856
commit
a02d507dc2
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
# Script to install NixOS from the Hetzner Cloud NixOS bootable ISO image.
|
# Script to install NixOS from the Hetzner Cloud NixOS bootable ISO image.
|
||||||
# (tested with Hetzner's `NixOS 20.03 (amd64/minimal)` ISO image).
|
# (tested with Hetzner's `NixOS 20.03 (amd64/minimal)` ISO image).
|
||||||
#
|
#
|
||||||
# This script wipes the disk of the server!
|
# This script wipes the disk of the server!
|
||||||
#
|
#
|
||||||
# Instructions:
|
# Instructions:
|
||||||
|
@ -62,9 +62,9 @@ echo '
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
|
||||||
# Replace this by your SSH pubkey
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtwCIGPYJlD2eeUtxngmT+4yR7BMlK0F5kzj+84uHsxxsy+PXFrP/tScCpwmuoiEYNv/9WKnPJJfCA9XlIDr6cla1MLpaW6eg672TRYMmKzH6SLlkg+kyDmPxSIJw+KdKfnPYyva+Y/VocACYJo0voabUeLAVgtSKGz/AFzccjfOR0GmFO911zjAaR+jFb9M7t7dveNVKm9KbuBfu3giMgGg3/mKz1TKY8yk2ZOxpT5CllBb+B5BcEf+7IGNvNxr1Z0zz5cFXQ3LyBIZklnC/OaQCnD78BSiyPTkIXcmBFal2TaFwTDvki6PuCRpJy+dU1fDdgWLql97D0SVnjmmomw=="
|
# Replace this by your SSH pubkey!
|
||||||
|
"ssh-rsa AAAAAAAAAAA..."
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
' >> /mnt/etc/nixos/configuration.nix
|
' >> /mnt/etc/nixos/configuration.nix
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
# This is for a specific server configuration; adjust where needed.
|
# This is for a specific server configuration; adjust where needed.
|
||||||
#
|
#
|
||||||
# Prerequisites:
|
# Prerequisites:
|
||||||
# * Update the script to adjust SSH pubkeys, hostname, NixOS version etc.
|
# * Update the script to put in your SSH pubkey, adjust hostname, NixOS version etc.
|
||||||
#
|
#
|
||||||
# Usage:
|
# Usage:
|
||||||
# ssh root@YOUR_SERVERS_IP bash -s < hetzner-dedicated-wipe-and-install-nixos.sh
|
# ssh root@YOUR_SERVERS_IP bash -s < hetzner-dedicated-wipe-and-install-nixos.sh
|
||||||
|
@ -266,7 +266,8 @@ cat > /mnt/etc/nixos/configuration.nix <<EOF
|
||||||
services.openssh.permitRootLogin = "prohibit-password";
|
services.openssh.permitRootLogin = "prohibit-password";
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtwCIGPYJlD2eeUtxngmT+4yR7BMlK0F5kzj+84uHsxxsy+PXFrP/tScCpwmuoiEYNv/9WKnPJJfCA9XlIDr6cla1MLpaW6eg672TRYMmKzH6SLlkg+kyDmPxSIJw+KdKfnPYyva+Y/VocACYJo0voabUeLAVgtSKGz/AFzccjfOR0GmFO911zjAaR+jFb9M7t7dveNVKm9KbuBfu3giMgGg3/mKz1TKY8yk2ZOxpT5CllBb+B5BcEf+7IGNvNxr1Z0zz5cFXQ3LyBIZklnC/OaQCnD78BSiyPTkIXcmBFal2TaFwTDvki6PuCRpJy+dU1fDdgWLql97D0SVnjmmomw== nh2@deditus.de"
|
# Replace this by your SSH pubkey!
|
||||||
|
"ssh-rsa AAAAAAAAAAA..."
|
||||||
];
|
];
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
# Originally written for a Leaseweb HP DL120 G7 server.
|
# Originally written for a Leaseweb HP DL120 G7 server.
|
||||||
#
|
#
|
||||||
# Prerequisites:
|
# Prerequisites:
|
||||||
# * Update the script to adjust SSH pubkeys, hostname, NixOS version etc.
|
# * Update the script to put in your SSH pubkey, adjust hostname, NixOS version etc.
|
||||||
#
|
#
|
||||||
# Usage:
|
# Usage:
|
||||||
# ssh root@YOUR_SERVERS_IP bash -s < leaseweb-dedicated-wipe-and-install-nixos.sh
|
# ssh root@YOUR_SERVERS_IP bash -s < leaseweb-dedicated-wipe-and-install-nixos.sh
|
||||||
|
@ -333,7 +333,8 @@ cat > /mnt/etc/nixos/configuration.nix <<EOF
|
||||||
services.openssh.permitRootLogin = "prohibit-password";
|
services.openssh.permitRootLogin = "prohibit-password";
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtwCIGPYJlD2eeUtxngmT+4yR7BMlK0F5kzj+84uHsxxsy+PXFrP/tScCpwmuoiEYNv/9WKnPJJfCA9XlIDr6cla1MLpaW6eg672TRYMmKzH6SLlkg+kyDmPxSIJw+KdKfnPYyva+Y/VocACYJo0voabUeLAVgtSKGz/AFzccjfOR0GmFO911zjAaR+jFb9M7t7dveNVKm9KbuBfu3giMgGg3/mKz1TKY8yk2ZOxpT5CllBb+B5BcEf+7IGNvNxr1Z0zz5cFXQ3LyBIZklnC/OaQCnD78BSiyPTkIXcmBFal2TaFwTDvki6PuCRpJy+dU1fDdgWLql97D0SVnjmmomw== nh2@deditus.de"
|
# Replace this by your pubkey!
|
||||||
|
"ssh-rsa AAAAAAAAAAA..."
|
||||||
];
|
];
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
# Prerequisites:
|
# Prerequisites:
|
||||||
# * Create a LUKS key file at /root/benacofs-luks-key
|
# * Create a LUKS key file at /root/benacofs-luks-key
|
||||||
# e.g. by copying it up.
|
# e.g. by copying it up.
|
||||||
# * Update the script to adjust SSH pubkeys, hostname NixOS version etc.
|
# * Update the script to put in your SSH pubkey, adjust hostname, NixOS version etc.
|
||||||
#
|
#
|
||||||
# Usage:
|
# Usage:
|
||||||
# ssh root@YOUR_SERVERS_IP bash -s < ovh-dedicated-wipe-and-install-nixos.sh
|
# ssh root@YOUR_SERVERS_IP bash -s < ovh-dedicated-wipe-and-install-nixos.sh
|
||||||
|
@ -302,7 +302,8 @@ cat > /mnt/etc/nixos/configuration.nix <<EOF
|
||||||
services.openssh.permitRootLogin = "prohibit-password";
|
services.openssh.permitRootLogin = "prohibit-password";
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keys = [
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtwCIGPYJlD2eeUtxngmT+4yR7BMlK0F5kzj+84uHsxxsy+PXFrP/tScCpwmuoiEYNv/9WKnPJJfCA9XlIDr6cla1MLpaW6eg672TRYMmKzH6SLlkg+kyDmPxSIJw+KdKfnPYyva+Y/VocACYJo0voabUeLAVgtSKGz/AFzccjfOR0GmFO911zjAaR+jFb9M7t7dveNVKm9KbuBfu3giMgGg3/mKz1TKY8yk2ZOxpT5CllBb+B5BcEf+7IGNvNxr1Z0zz5cFXQ3LyBIZklnC/OaQCnD78BSiyPTkIXcmBFal2TaFwTDvki6PuCRpJy+dU1fDdgWLql97D0SVnjmmomw== nh2@deditus.de"
|
# Replace this by your pubkey!
|
||||||
|
"ssh-rsa AAAAAAAAAAA..."
|
||||||
];
|
];
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
|
Loading…
Reference in a new issue