diff --git a/modules/services/ssh.nix b/modules/services/ssh.nix index 8ebad84..7143995 100644 --- a/modules/services/ssh.nix +++ b/modules/services/ssh.nix @@ -7,6 +7,7 @@ in flake.modules.nixos.ssh = { pkgs, config, lib, ... }: let cfg = config.ssh; + userCAPath = "ssh/ssh_user_ca.pub"; in { options.ssh = { @@ -27,16 +28,16 @@ in { PasswordAuthentication = false; KbdInteractiveAuthentication = false; + HostKey = "/etc/ssh/ssh_host_ed25519_key"; } (lib.mkIf cfg.certificates.enable { - TrustedUserCAKeys = "/etc/ssh/ssh_user_ca.pub"; - HostKey = "/etc/ssh/ssh_host_ed25519_key"; + TrustedUserCAKeys = "/etc/${userCAPath}"; HostCertificate = "/etc/ssh/ssh_host_ed25519_key-cert.pub"; }) ]; }; - environment.etc."ssh/ssh_user_ca.pub" = lib.mkIf cfg.certificates.enable { + environment.etc."${userCAPath}" = lib.mkIf cfg.certificates.enable { source = cfg.certificates.userCA; };
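Review bot: In the second hunk, the now-unconditional `HostKey = "/etc/ssh/ssh_host_ed25519_key";` hard-codes a path that nothing visible here ties to the key NixOS actually generates. Host keys on NixOS are normally driven by `services.openssh.hostKeys`, which emits its own HostKey lines. This setting is therefore probably a duplicate, or, if `hostKeys` is overridden elsewhere, a pointer to a file that is never created. If the intent is to offer only the ed25519 key on every host, I would set `services.openssh.hostKeys = [ { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } ];` and bind that path once in the `let`, as `userCAPath` now is, so `HostCertificate` cannot drift from it. The enclosing `settings` block starts outside the hunk, so `hostKeys` may already be pinned there.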