chore: remove baked SSH key from template user

Rely on cloud-init SSH key injection from secrets for access rotation instead of storing an authorized key in the template config.
2026-02-28 12:45:04 +00:00
parent 17834b3aa7
commit b3521d6c02
1 changed files with 0 additions and 3 deletions
--- a/nixos/template-base/configuration.nix
+++ b/nixos/template-base/configuration.nix
@@ -30,9 +30,6 @@
    isNormalUser = true;
    extraGroups = [ "wheel" ];
    shell = pkgs.fish;
-    openssh.authorizedKeys.keys = [
-      "REPLACE_WITH_SINGLE_LINE_PUBLIC_KEY"
-    ];
  };

  security.sudo.wheelNeedsPassword = false;