# /nix/store/<hash>/etc/ssh/ssh_config & /nix/store/<hash>/etc/ssh/authorized_keys
{
  lib,
  systemConfig,
  systems,
  knownSystems,
  common,
  ...
}:
let
  allSystems = knownSystems // systems;
in
{
  programs.ssh.knownHosts = builtins.mapAttrs (hostName: system: {
    extraHostNames = [
      (
        if (system ? address && system.address ? tailnet) then
          system.address.tailnet
        else
          common.tailnetAddr hostName
      )
    ];
    publicKey = system.ssh.publicKey;
  }) allSystems;
  users.users.${systemConfig.username}.openssh.authorizedKeys.keys = (
    lib.mapAttrsToList (_hostName: system: system.ssh.publicKey) allSystems
  );
}