use the users.users.<name>.openssh.authorizedKeys.keyFiles options in combination with sops-nix to keep the keys private.
While those are only public keys - which are not secret - I would prefer it to keep them out of the config.
This also serves the broader goal of making this flake easier to maintain, see #132.
use the
users.users.<name>.openssh.authorizedKeys.keyFilesoptions in combination withsops-nixto keep the keys private.While those are only public keys - which are not secret - I would prefer it to keep them out of the config.
This also serves the broader goal of making this flake easier to maintain, see #132.