diff --git a/nixos/ninurta/configuration.nix b/nixos/ninurta/configuration.nix
index ec505b7..686be96 100644
--- a/nixos/ninurta/configuration.nix
+++ b/nixos/ninurta/configuration.nix
@@ -10,7 +10,7 @@ let
 wgHydraPrivKey = "pruflas-wg-hydra-key";
 wg0PresharedKey = "pruflas-wg0-preshared-key";
 hydraGitHubAuth = "hydra-github-authorization";
- initrdPrivateKey = "/etc/ssh/initrd_ssh_host_ed25519_key";
+ initrdSshKey = "ninurta-initrd-ssh-key";
 in
 {
 imports = [
@@ -44,29 +44,29 @@ in
 enable = true;
 port = 2222;
 authorizedKeys = config.dadada.admin.users.dadada.keys;
- hostKeys = [ initrdPrivateKey ];
+ hostKeys = [ age.secrets.${initrdSshKey}.path ];
 };
 };
 # Kinda does not work?
- # systemd = {
- # enable = true;
- # network = {
- # enable = true;
- # links = {
- # "10-lan" = {
- # matchConfig.Name = "e*";
- # linkConfig.MACAddressPolicy = "persistent";
- # };
- # };
- # networks = {
- # "10-lan" = {
- # matchConfig.Name = "e*";
- # networkConfig.DHCP = "ipv4";
- # linkConfig.RequiredForOnline = "routable";
- # };
- # };
- # };
- # };
+ systemd = {
+ enable = true;
+ network = {
+ enable = true;
+ links = {
+ "10-lan" = {
+ matchConfig.Name = "e*";
+ linkConfig.MACAddressPolicy = "persistent";
+ };
+ };
+ networks = {
+ "10-lan" = {
+ matchConfig.Name = "e*";
+ networkConfig.DHCP = "ipv4";
+ linkConfig.RequiredForOnline = "routable";
+ };
+ };
+ };
+ };
 };
 fileSystems."/mnt/storage" = {
@@ -151,6 +151,10 @@ in
 age.secrets.${wg0PrivKey}.file = "${secretsPath}/${wg0PrivKey}.age";
 age.secrets.${wg0PresharedKey}.file = "${secretsPath}/${wg0PresharedKey}.age";
 age.secrets.${wgHydraPrivKey}.file = "${secretsPath}/${wgHydraPrivKey}.age";
+ age.secrets.${initrdSshKey} = {
+ file = "${secretsPath}/${initrdSshKey}.age";
+ mode = "700";
+ };
 services.snapper = {
 cleanupInterval = "1d";
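Review bot: In the `@@ -44,29 +44,29 @@` hunk the new `hostKeys` line reads `age.secrets.${initrdSshKey}.path` as a bare expression, while the line above it reads `config.dadada.admin.users.dadada.keys`; unless `age` is bound outside this hunk (for example by a `with config;`), this should be `hostKeys = [ config.age.secrets.${initrdSshKey}.path ];`. That path is also agenix's decrypted runtime location, so the key presumably has to be present there at the moment the initrd secrets are assembled, which may not hold on a first deployment; a rebuild on a freshly installed machine would confirm it. The context comment `# Kinda does not work?` now sits directly above live configuration and should be removed or replaced by a line saying what made the systemd initrd network work. The enclosing attribute set starts and ends outside the hunk.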
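Review bot: In the `@@ -151,6 +151,10 @@` hunk, `mode = "700";` puts an execute bit on the decrypted SSH host key, which a key file never needs; owner-read is sufficient, so `mode = "0400";` is the tighter setting, and since that is agenix's default the attribute could simply be dropped. The other secrets in this hunk set only `.file`, so a short comment such as `# host key for the initrd SSH server (port 2222)` above the new attribute set would explain why this one is declared differently.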
diff --git a/secrets/ninurta-initrd-ssh-key.age b/secrets/ninurta-initrd-ssh-key.age
new file mode 100644
index 0000000..4a51114
Binary files /dev/null and b/secrets/ninurta-initrd-ssh-key.age differ
diff --git a/secrets/ninurta-initrd_ssh_host_ed25519_key.age b/secrets/ninurta-initrd_ssh_host_ed25519_key.age
deleted file mode 100644
index 20e4971..0000000
Binary files a/secrets/ninurta-initrd_ssh_host_ed25519_key.age and /dev/null differ
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 23ebc62..fe31719 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -22,7 +22,7 @@ in
 "gorgon-backup-passphrase-gs.age".publicKeys = [ systems.gorgon dadada ];
 "paperless.age".publicKeys = [ systems.gorgon dadada ];
 "surgat-ssh_host_ed25519_key.age".publicKeys = [ systems.surgat dadada ];
- "ninurta-initrd_ssh_host_ed25519_key.age".publicKeys = [ systems.ninurta dadada ];
+ "ninurta-initrd-ssh-key.age".publicKeys = [ systems.ninurta dadada ];
 } // backupSecrets "ninurta" // backupSecrets "gorgon" //