···

       
366
       
366
       
 
       
            type = "rsa";

     

       
367
       
367
       
 
       
            bits = 4096;

     

       
368
       
368
       
 
       
            path = "/etc/ssh/ssh_host_rsa_key";

     

       
369
       
369
       
-
       
            rounds = 100;

     

       
370
       
369
       
 
       
            openSSHFormat = true;

     

       
371
       
370
       
 
       
          }

     

       
372
       
371
       
 
       
          {

     

       
373
       
372
       
 
       
            type = "ed25519";

     

       
374
       
373
       
 
       
            path = "/etc/ssh/ssh_host_ed25519_key";

     

       
375
       
375
       
-
       
            rounds = 100;

     

       
376
       
374
       
 
       
            comment = "key comment";

     

       
377
       
375
       
 
       
          }

     

       
378
       
376
       
 
       
        ];

     
···

       
798
       
796
       
 
       
              ssh-keygen \

     

       
799
       
797
       
 
       
                -t "${k.type}" \

     

       
800
       
798
       
 
       
                ${lib.optionalString (k ? bits) "-b ${toString k.bits}"} \

     

       
801
       
801
       
-
       
                ${lib.optionalString (k ? rounds) "-a ${toString k.rounds}"} \

     

       
802
       
799
       
 
       
                ${lib.optionalString (k ? comment) "-C '${k.comment}'"} \

     

       
803
       
800
       
 
       
                ${lib.optionalString (k ? openSSHFormat && k.openSSHFormat) "-o"} \

     

       
804
       
801
       
 
       
                -f "${k.path}" \