nixos/ssh: take care not to accept empty host key files

In case of a power loss shortly after first boot, the host keys gernerated by ssh-keygen could exist in the file system but have zero size, preventing sshd from starting up. This commit changes the behaviour to generate host keys if the file either does not exist or has zero size, fixing the problem on the next boot. Thanks to @SuperSandro2000 for figuring this out.
2021-10-12 12:21:53 +02:00 · 2021-10-12 12:21:53 +02:00 · 97e61a071d
commit 97e61a071d
parent 8da58db50b
1 changed files with 1 additions and 1 deletions
--- a/nixos/modules/services/networking/ssh/sshd.nix
+++ b/nixos/modules/services/networking/ssh/sshd.nix
@ -439,7 +439,7 @@ in
                mkdir -m 0755 -p /etc/ssh

                ${flip concatMapStrings cfg.hostKeys (k: ''
-                  if ! [ -f "${k.path}" ]; then
+                  if ! [ -s "${k.path}" ]; then
                      ssh-keygen \
                        -t "${k.type}" \
                        ${if k ? bits then "-b ${toString k.bits}" else ""} \