feat: update passwords

This commit is contained in:
Benjamin Bädorf 2023-10-10 11:56:36 +02:00
parent fd022bb3d5
commit ece9705f67
No known key found for this signature in database
GPG key ID: 4406E80E13CD656C
7 changed files with 7 additions and 21 deletions

View file

@ -21,7 +21,7 @@ in {
networking.hostName = "droppie"; networking.hostName = "droppie";
services.openssh.enable = true; services.openssh.openFirewall = true;
pub-solar.core.disk-encryption-active = false; pub-solar.core.disk-encryption-active = false;

View file

@ -36,7 +36,7 @@ in {
pub-solar.core.disk-encryption-active = false; pub-solar.core.disk-encryption-active = false;
services.openssh.enable = true; services.openssh.openFirewall = true;
security.sudo.extraRules = [ security.sudo.extraRules = [
{ {

View file

@ -19,12 +19,10 @@
# For rage encryption, all hosts need a ssh key pair # For rage encryption, all hosts need a ssh key pair
services.openssh = { services.openssh = {
enable = lib.mkDefault false; enable = true;
allowSFTP = lib.mkDefault false; allowSFTP = lib.mkDefault false;
# If you don't want the host to have SSH actually opened up to the net, openFirewall = lib.mkDefault false;
# set `services.openssh.openFirewall` to false in your config.
openFirewall = true;
settings.PasswordAuthentication = lib.mkDefault false; settings.PasswordAuthentication = lib.mkDefault false;
settings.KbdInteractiveAuthentication = false; settings.KbdInteractiveAuthentication = false;

View file

@ -1,5 +1,4 @@
let let
# set ssh public keys here for your system and user
bbcom = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmXpOU6vzQiVSSYCoxHYv7wDxC63Qg3dxlAMR6AOzwIABCU5PFFNcO0NWYms/YR7MOViorl+19LCLRABar9JgHU1n+uqxKV6eGph3OPeMp5sN8LAh7C9N+TZj8iJzBxQ3ch+Z/LdmLRwYNJ7KSUI+gwGK6xRS3+z1022Y4P0G0sx7IeCBl4lealQEIIF10ZOfjUdBcLQar7XTc5AxyGKnHCerXHRtccCoadLQujk0AvPXbv3Ma4JwX9X++AnCWRWakqS5UInu2tGuZ/6Hrjd2a9AKWjTaBVDcbYqCvY4XVuMj2/A2bCceFBaoi41apybSk26FSFTU4qiEUNQ6lxeOwG4+1NCXyHe2bGI4VyoxinDYa8vLLzXIRfTRA0qoGfCweXNeWPf0jMqASkUKaSOH5Ot7O5ps34r0j9pWzavDid8QeKJPyhxKuF1a5G4iBEZ0O9vuti60dPSjJPci9oTxbune2/jb7Sa0yO06DtLFJ2ncr5f70s/BDxKk4XIwQLy+KsvzlQEGdY8yA6xv28bOGxL3sQ0HE2pDTsvIbAisVOKzdJeolStL9MM5W8Hg0r/KkGj2bg0TfoRp1xHV9hjKkvJrsQ6okaPvNFeZq0HXzPhWMOVQ+/46z80uaQ1ByRLr3FTwuWJ7F/73ndfxiq6bDE4z2Ji0vOjeWJm6HCxTdGw== hello@benjaminbaedorf.com"; bbcom = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmXpOU6vzQiVSSYCoxHYv7wDxC63Qg3dxlAMR6AOzwIABCU5PFFNcO0NWYms/YR7MOViorl+19LCLRABar9JgHU1n+uqxKV6eGph3OPeMp5sN8LAh7C9N+TZj8iJzBxQ3ch+Z/LdmLRwYNJ7KSUI+gwGK6xRS3+z1022Y4P0G0sx7IeCBl4lealQEIIF10ZOfjUdBcLQar7XTc5AxyGKnHCerXHRtccCoadLQujk0AvPXbv3Ma4JwX9X++AnCWRWakqS5UInu2tGuZ/6Hrjd2a9AKWjTaBVDcbYqCvY4XVuMj2/A2bCceFBaoi41apybSk26FSFTU4qiEUNQ6lxeOwG4+1NCXyHe2bGI4VyoxinDYa8vLLzXIRfTRA0qoGfCweXNeWPf0jMqASkUKaSOH5Ot7O5ps34r0j9pWzavDid8QeKJPyhxKuF1a5G4iBEZ0O9vuti60dPSjJPci9oTxbune2/jb7Sa0yO06DtLFJ2ncr5f70s/BDxKk4XIwQLy+KsvzlQEGdY8yA6xv28bOGxL3sQ0HE2pDTsvIbAisVOKzdJeolStL9MM5W8Hg0r/KkGj2bg0TfoRp1xHV9hjKkvJrsQ6okaPvNFeZq0HXzPhWMOVQ+/46z80uaQ1ByRLr3FTwuWJ7F/73ndfxiq6bDE4z2Ji0vOjeWJm6HCxTdGw== hello@benjaminbaedorf.com";
biolimo-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZzg8pfVtFonx/IvO2MKG5uVF/sMJAOt1Ifm9Vds2eA root@biolimo"; biolimo-host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZzg8pfVtFonx/IvO2MKG5uVF/sMJAOt1Ifm9Vds2eA root@biolimo";

View file

@ -20,13 +20,10 @@ in {
}; };
pub-solar = { pub-solar = {
# These are your personal settings
# The only required settings are `name` and `password`,
# The rest is used for programs like git
user = { user = {
name = "b12f"; name = "b12f";
description = "b12f"; description = "b12f";
password = "$6$LO2YoaHwuRQhUoSz$iHw9avM887eJg9cIty2nmG4Ibkol3YpviEhYpivVQP31VrnihFz/6LyugxD7X4VmXx9nxvcYIZnN90rlGxwjT."; password = "$y$j9T$GR.fND1YY6/2deXcEMHx1.$QBuvjIxPkDtFXrkes0T582L6jF7gfHhseFts64qC8xB";
fullName = "Benjamin Bädorf"; fullName = "Benjamin Bädorf";
email = "hello@benjaminbaedorf.eu"; email = "hello@benjaminbaedorf.eu";
gpgKeyId = "4406E80E13CD656C"; gpgKeyId = "4406E80E13CD656C";

View file

@ -1,5 +1,4 @@
{...}: {...}:
# recommend using `hashedPassword`
{ {
users.users.root.password = ""; users.users.root.hashedPassword = "$y$j9T$HihsChALx5fotahvDVhdC/$iQCGUr35quGDDEFg0SGjDBxWzU/kokgOVDX.weRvL80";
} }

View file

@ -14,22 +14,15 @@ in {
user = { user = {
name = "yule"; name = "yule";
description = "b12f"; description = "b12f";
password = "$y$j9T$x1nyqcXw/1iYKo3054cdB1$0TOuyE5t5ZV6z9Gzl9zIrmZGADBxupnwcUMTcMtMa73"; password = "$y$j9T$kqzIDj4zB609HA4Tzxm010$JQ/pBMFVJbYurk5icGfIINQou85.8HSqafDirGoxMl3";
fullName = "Benjamin Bädorf"; fullName = "Benjamin Bädorf";
email = "hello@benjaminbaedorf.eu"; email = "hello@benjaminbaedorf.eu";
gpgKeyId = "4406E80E13CD656C"; gpgKeyId = "4406E80E13CD656C";
publicKeys = [ publicKeys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmiF8ndGhnx2YAWbPDq14fftAwcJ0xnjJIVTotI12OO4SPX/SwH5Yp8C8Kf002qN9FbFmaONzq3s8TYpej13JubhfsQywNuFKZuZvJeHzmOwxsANW86RVrWT0WZmYx9a/a1TF9rPQpibDVt60wX8yLdExaJc5F1SvIIuyz1kxYpz36wItfR6hcwoLGh1emFCmfCpebJmp3hsrMDTTtTW/YNhyeSZW74ckyvZyjCYtRCJ8uF0ZmOSKRdillv4Ztg8MsUubGn+vaMl6V6x/QuDuehEPoM/3wBx9o22nf+QVbk7S1PC8EdT/K5vskn4/pfR7mDCyQOq1hB4w4Oyn0dsfX pi@ssrtc"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHx4A8rLYmFgTOp1fDGbbONN8SOT0l5wWrUSYFUcVzMPTyfdT23ZVIdVD5yZCySgi/7PSh5mVmyLIZVIXlNrZJg= @b12f Yubi Main" "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHx4A8rLYmFgTOp1fDGbbONN8SOT0l5wWrUSYFUcVzMPTyfdT23ZVIdVD5yZCySgi/7PSh5mVmyLIZVIXlNrZJg= @b12f Yubi Main"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEST9eyAY3nzGYNnqDYfWHu+89LZsOjyKHMqCFvtP7vrgB7F7JbbECjdjAXEOfPDSCVwtMMpq8JJXeRMjpsD0rw= @b12f Yubi Backup" "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEST9eyAY3nzGYNnqDYfWHu+89LZsOjyKHMqCFvtP7vrgB7F7JbbECjdjAXEOfPDSCVwtMMpq8JJXeRMjpsD0rw= @b12f Yubi Backup"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFro/k4Mgqyh8yV/7Zwjc0dv60ZM7bROBU9JNd99P/4co6fxPt1pJiU/pEz2Dax/HODxgcO+jFZfvPEuLMCeAl0= YubiKey #10593996 PIV Slot 9a @teutat3s"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/58A18EtxnLYHu63c/+AyTSkJQSso/VVdHUFGp1CTk cardno:FFFE34353135 @hensoko"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAqkqMYgncrnczcW/0PY+Z+FmNXXpgw6D9JWTTwiainy hensoko@hensoko-tp-work"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIKa5elEXgBc2luVBOHVWZisJgt0epFQOercPi0tZzPU root@cloud.pub.solar" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIKa5elEXgBc2luVBOHVWZisJgt0epFQOercPi0tZzPU root@cloud.pub.solar"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCelYBqrnyU1AI2p9urIrbVxRwnH81qDWF16BXU8sqMY47htvGji8FAnCBxCnd/9r5aOsOem4lKNoPQmzGFkZQZFn7xdxVO9uzcgIEFDWKK8dQ9MzmuB2W7JXMNjCs0zktkVu5hWpYiFGhN3QEMkqKoB+fJPBQ7d6J1488Yu3Zd3odyt8x1UMWfU7ObZIOCIzJIR0F23jACkh5Q1xWJXI7rUcycCZen4aWE6uYVTE7w94ARpTHHs6NlsQwUz3+aXKaWIoFLoXHumNO3mgrs/XzMgc96pS5HrbiauwL0GS5SRkskxMPbGr93mWeTEVsDd7Q6pszTzNeVM+0O9V/iVUfwyQ6L2OVUa+fYcGiCIjSJ7DzpPW7dx/bWDTtEyPb0amf1hvof9Q0R1LLHuYUPlxSy9ySp4aHM3++u4B10PKQnebvafkXAn98lgQolFiiuAn5dekGcHiFj1vQu2NP+E+LnQFDhPa61YQD2GVvAzR5Uh/2tZLIvXEoqDMZvKY9n02SsTGBeSweGd8kgT9WVkhQ3c2zAkfkGqPiJwYpaFVd8s/z+vLp+ViCgPY401sNNPQ81AoERY7BrcIRFG1Ed29jMVuzySDKpRGOYo/9H/RiHigIqAyUs2D0VOTYPbmCUZa17iZuPHhc6VLX/ar9optIBbV5EsXfDWhoy+fIXlQ+pw== root@nougat"
]; ];
}; };
}; };