diff --git a/roles/security.nix b/roles/security.nix
index 962765f..4539e83 100644
--- a/roles/security.nix
+++ b/roles/security.nix
@@ -25,6 +25,12 @@
     };
   };
 
+  services.openssh = {
+    hostKeys = [
+      { path = "/etc/ssh/ssh_host_ed25519_key"; type = "ed25519"; }
+    ];
+  };
+
   # Ban brute force SSH
   services.fail2ban.enable = true;
 }