diff --git a/common/base-server.nix b/common/base-server.nix
index 3f5616e..c3f0251 100644
--- a/common/base-server.nix
+++ b/common/base-server.nix
@@ -1,4 +1,8 @@
 { lib, pkgs, ... }: {
+  imports = [
+    ./known-ssh-keys.nix
+  ];
+
   nixpkgs.overlays = import ../overlays;
 
   nix.package = lib.mkDefault pkgs.lix;
diff --git a/common/known-ssh-keys.nix b/common/known-ssh-keys.nix
new file mode 100644
index 0000000..c56eb6e
--- /dev/null
+++ b/common/known-ssh-keys.nix
@@ -0,0 +1,9 @@
+{ ... }:
+let
+  ssh-keys = import ./ssh-keys;
+in
+{
+  programs.ssh.knownHosts = {
+    "cl.forkos.org".publicKey = ssh-keys.gerrit01;
+  };
+}