NHacker Next
- new
- past
- show
- ask
- show
- jobs
- submit
login
Rendered at 23:08:50 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
I'd like the see the author achieve the same setup but with Nix
Unlikely to happen (with the author anyway). From TFA:
> Importantly to me, it’s not defined in some complex DSL
I'd like to see some other author achieve the same setup with Nix.
.. and/or Guix.
Previously -> https://news.ycombinator.com/item?id=42428722
Thanks, macroexpanded!
Frood, an Alpine Initramfs NAS - https://news.ycombinator.com/item?id=42428722 - Dec 2024 (13 comments)
> root/etc/ssh/ssh_host_ed25519_key and root/etc/ssh/ssh_host_ed25519_key.pub and root/root/.ssh/authorized_keys for obvious reasons.
What are the _obvious_ reasons for the NAS root to have an SSH key?
To log in and administer it? There's even an example; search for "extlinux --once". (There are other options, like a web UI or non-root SSH, but that's the obvious thing. Also if you want to advocate non-root I'm going to want to hear a threat model.)
You don't need a private key on the host for that, only your public key in authorized_keys.
Edit: Oh boy I should have paid more attention. Those are the host keys. :facepalm:
I originally tried to set up a NixOS diskless system with persistence for the same reason as the author but the LLM jerked me around and I had little understanding of the implications of the commands I was using. So I thought it best to pull the plug on that and stick with something more familiar.