Swift NIO SSH: create hostkey

Hi everyone,

In my NIOSSH project, I'm using a fixed SSH key using this code:

```swift
let fixedKeyBase64b = "UIL9M6Utw/jiupzqq6F8EW4qySxAbgDS+wT7/RIjkJ4="
let fixedKeyData = Data(base64Encoded: fixedKeyBase64b)!
let hostKey = NIOSSHPrivateKey(ed25519Key: try! .init(rawRepresentation: fixedKeyData))
```

It's adapted from an example that always creates a random key every time the app launches. The problem with that solution is that you get an error because the key won't match the 'known_hosts' entry. On the other hand, having a key hard coded in the source isn't very welcome either.

My question is this: how can I use something that is static like a hostname or perhaps MAC address to generate a NIOSSHPrivateKey?

Thanks in advance.

Kind regards,

Maarten Engels

NIOSSHPrivateKeys are wrappers around CryptoKit keys, so any way you can generate a CryptoKit key works here. In general for persistent keys we assume you'll persist them to some kind of storage, either the filesystem or the keychain, and then load them again on startup.

Thanks, good to understand that persisting one that is created is the assumed use. AFAIK Keychain is only available on Apple platforms. Is there an alternative for Linux? I now persist the keydata as a base64 string in the filesystem, but that does not sound like a very secure solution.

There's nothing out of the box on Linux, no. Some distributions have support for things that approximate the macOS keychain, but they're not widely supported.

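The persist-and-reload approach described in the replies, as an added example that is not code from this thread or from the SwiftNIO SSH project: the key is generated once, written to a file that is owner-only from the moment it is created, and rejected on later launches if its permissions have been loosened. The names `loadOrCreateHostKey` and `HostKeyError` are hypothetical, and the caller chooses the path; file permissions protect the key from other local users only, not from root or from someone with access to the disk.

```swift
import Foundation
import Crypto   // swift-crypto; assumed to be the module supplying Curve25519 here
import NIOSSH

// Hypothetical error type for this example.
enum HostKeyError: Error {
    case permissionsTooOpen(mode: Int)
    case cannotCreate(errno: Int32)
}

/// Loads the Ed25519 host key stored at `path`, or generates and stores one on first launch.
func loadOrCreateHostKey(atPath path: String) throws -> NIOSSHPrivateKey {
    let fm = FileManager.default

    if fm.fileExists(atPath: path) {
        // Refuse a key file that group or other users can read or write.
        let attrs = try fm.attributesOfItem(atPath: path)
        let mode = (attrs[.posixPermissions] as? NSNumber)?.intValue ?? 0o777
        guard mode & 0o077 == 0 else {
            throw HostKeyError.permissionsTooOpen(mode: mode)
        }
        let raw = try Data(contentsOf: URL(fileURLWithPath: path))
        let key = try Curve25519.Signing.PrivateKey(rawRepresentation: raw)
        return NIOSSHPrivateKey(ed25519Key: key)
    }

    // First launch: generate a random key, as the original example does.
    let key = Curve25519.Signing.PrivateKey()

    // O_EXCL fails instead of overwriting an existing file, and mode 0600
    // applies at creation, so the key is never briefly readable by others.
    let fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0o600)
    guard fd >= 0 else {
        throw HostKeyError.cannotCreate(errno: errno)
    }
    let handle = FileHandle(fileDescriptor: fd, closeOnDealloc: true)
    try handle.write(contentsOf: key.rawRepresentation)
    try handle.close()

    return NIOSSHPrivateKey(ed25519Key: key)
}
```

Call it once at startup with a path inside a directory that only the service account can write to, and keep that file out of source control and container images.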