From e5eee00ec1fbda623ae44f6eadd8b68a046081f1 Mon Sep 17 00:00:00 2001
From: Infinidoge <infinidoge@inx.moe>
Date: Wed, 20 Mar 2024 17:14:18 -0400
Subject: [PATCH] global/security: don't generate RSA host keys

---
 modules/global/security.nix | 14 ++------------
 1 file changed, 2 insertions(+), 12 deletions(-)

diff --git a/modules/global/security.nix b/modules/global/security.nix
index 347a1d0..4458db5 100644
--- a/modules/global/security.nix
+++ b/modules/global/security.nix
@@ -39,20 +39,10 @@ with lib;
     enable = true;
     openFirewall = mkDefault true;
     settings.X11Forwarding = mkDefault false;
-    hostKeys = mkDefault [
-      {
-        bits = 4096;
-        openSSHFormat = true;
-        path = "/etc/ssh/ssh_host_rsa_key";
-        rounds = 100;
-        type = "rsa";
-      }
-      {
+    hostKeys = mkDefault [{
         path = "/etc/ssh/ssh_host_ed25519_key";
-        rounds = 100;
         type = "ed25519";
-      }
-    ];
+    }];
   };
 
   services.nginx = {