make known_host persistent

2025-11-06 20:12:28 +01:00
parent d9df32f7cf
commit 4d5d14bb26
2 changed files with 30 additions and 7 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -7,4 +7,9 @@ services:
      - SYS_CHROOT
    environment:
      - COMMAND=/app/tui
+    volumes:
+      - ssh_host_key:/app/host_key
    restart: unless-stopped
+
+volumes:
+  ssh_host_key:
--- a/main.go
+++ b/main.go
@@ -4,6 +4,7 @@ import (
 	"crypto/ed25519"
 	"crypto/rand"
 	"encoding/binary"
+	"encoding/pem"
 	"io"
 	"log"
 	"net"
@@ -23,13 +24,30 @@ func main() {
 		},
 		NoClientAuth: true,
 	}
-	_, key, err := ed25519.GenerateKey(rand.Reader)
-	if err != nil {
-		log.Fatal(err)
-	}
-	signer, err := ssh.NewSignerFromKey(key)
-	if err != nil {
-		log.Fatal(err)
+	var signer ssh.Signer
+	keyFile := "/app/host_key"
+	if data, err := os.ReadFile(keyFile); err == nil {
+		signer, err = ssh.ParsePrivateKey(data)
+		if err != nil {
+			log.Fatal("Failed to parse existing host key:", err)
+		}
+	} else {
+		_, key, err := ed25519.GenerateKey(rand.Reader)
+		if err != nil {
+			log.Fatal(err)
+		}
+		signer, err = ssh.NewSignerFromKey(key)
+		if err != nil {
+			log.Fatal(err)
+		}
+		block, err := ssh.MarshalPrivateKey(signer, "")
+		if err != nil {
+			log.Fatal("Failed to marshal host key:", err)
+		}
+		privateKeyBytes := pem.EncodeToMemory(block)
+		if err := os.WriteFile(keyFile, privateKeyBytes, 0600); err != nil {
+			log.Fatal("Failed to save host key:", err)
+		}
 	}
 	config.AddHostKey(signer)
 	listener, err := net.Listen("tcp", ":22")