Switch to SSH keys instead of passwords

This is better for automation and security (which of course is only a
thing if the default key is not used).

3 files changed, 10 insertions, 1 deletions

diff --git a/README.md b/README.md
index 31ec98c..346befd 100644
--- a/README.md
+++ b/README.md
@@ -90,10 +90,10 @@ locale-gen
 echo 'LANG=en_US.UTF-8' > /etc/locale.conf
 echo 'craft-archlinux' > /etc/hostname
 mkinitcpio -P
-echo 'root' | passwd -s
 systemctl enable NetworkManager
 systemctl enable chronyd
 sed -i 's|#PermitRootLogin prohibit-password|PermitRootLogin yes|g' /etc/ssh/sshd_config
+echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFB/sCmZZ9lffCfAjbNCHRsW95/s75p5qMp+9Ch4/NPn' > /root/.ssh/authorized_keys
 systemctl enable sshd
 
 # bootloader installation
@@ -142,5 +142,6 @@ ssh \
     -p 9999 \
     -o UserKnownHostsFile=/dev/null \
     -o StrictHostKeyChecking=no \
+    -i keys/craft_ed25519 \
     root@localhost
 ```
diff --git a/keys/craft_ed25519 b/keys/craft_ed25519
new file mode 100644
index 0000000..30b0d7a
--- /dev/null
+++ b/keys/craft_ed25519
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACBQf7ApmWfZX3wnwI2zQh0bFvef7O+aeajKfvQoePzT5wAAAJBMhIdGTISH
+RgAAAAtzc2gtZWQyNTUxOQAAACBQf7ApmWfZX3wnwI2zQh0bFvef7O+aeajKfvQoePzT5w
+AAAECzt9IUB697tk4kPeyJFUK8IY7chwcMcKZB2cGY3Tvgp1B/sCmZZ9lffCfAjbNCHRsW
+95/s75p5qMp+9Ch4/NPnAAAADGphbkB0aGlua3BhZAE=
+-----END OPENSSH PRIVATE KEY-----
diff --git a/keys/craft_ed25519.pub b/keys/craft_ed25519.pub
new file mode 100644
index 0000000..abc695e
--- /dev/null
+++ b/keys/craft_ed25519.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFB/sCmZZ9lffCfAjbNCHRsW95/s75p5qMp+9Ch4/NPn