From ae92ed5df79d894af9f4ed85be8d1281f4755761 Mon Sep 17 00:00:00 2001
From: Soispha <soispha@vhack.eu>
Date: Tue, 4 Jul 2023 08:53:24 +0200
Subject: Fix(system/services/openssh): Don't hash know hosts

The trade off between security and convenience isn't worth it.
---
 home-manager/config/ssh/default.nix | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

(limited to 'home-manager')

diff --git a/home-manager/config/ssh/default.nix b/home-manager/config/ssh/default.nix
index 31784050..8e0820cf 100644
--- a/home-manager/config/ssh/default.nix
+++ b/home-manager/config/ssh/default.nix
@@ -1,12 +1,8 @@
-{
-  config,
-  pkgs,
-  ...
-}: {
+{config, ...}: {
   programs.ssh = {
     enable = true;
     compression = true;
-    hashKnownHosts = true;
+    hashKnownHosts = false;
     serverAliveInterval = 240;
     userKnownHostsFile = "${config.xdg.dataHome}/ssh/know_hosts";
   };
-- 
cgit 1.4.1