how the proper way users.users and authorizedKeysFiles in configuration.nix

Question

I just learn to install nixos

here is some from my /etc/nixos/configuration.nix

...
  users.users.bino = {
    isNormalUser = true;
    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
  };

...

  # Enable the OpenSSH daemon.
  services.openssh.enable = true;
  services.openssh.authorizedKeysFiles = ["./ssh-keys.nix"];

and here is my /etc/nixos/ssh-keys.nix

[root@nixos_bino:/etc/nixos]# cat ./ssh-keys.nix 
{
  bino = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCt7LNPLKQdWPB/AdpMaghkyju0aeZ9gFvQcxPWNqKXRpDiQvPTtSf+lCgTx1XR2drEzTjUqeo33ztA+2/t9RNluVr9etGCFYkmjNLyxZ0ohCR+MUxyZvsrYUATPsBZipkxCosTfRlabbgjmLxOwrcutMLgvuaIQRrPKG/zp5oQbiMi0M3F+QbN/R1jrWGNrOa+uPg75/TubpRTjddsi24G2hw75/Z5OJ6JZi//hc3uL85jtMXqOYLlBSBzdLHh+TgaK2RpsHKYrYd9WAs99BGuIBmJ4WEW2yyxpo9+6fPbjD0WwjB9UUSd5olgbGYrGaCfBQAE0ztAR5OzhI944mNV bino@bino-ThinkPad-X201";
}

I run nixos-install got no error

Reboot

Try to ssh that new installation with ssh [email protected] (192.168.1.228 is configured as static IP), the host still ask for password.

Try to ssh with root, got success. Found that user 'bino' is created including it's home directory.

So my question is : How is the proper way to add some default user with ssh-key in configuration.nix ?

Sincerely

-bino-

Answer 1

The problem is with

services.openssh.authorizedKeysFiles = ["./ssh-keys.nix"];

which tells NixOS to use the plain string "./ssh-keys.nix" somewhere int the system configuration. What you intended is for the file to be read and its contents used in the system configuration.

The following should work:

users.users.bino.openssh.authorizedKeys.keys
 =
  let keys = import ./ssh-keys.nix;
  in [ keys.bino ];