diff --git a/.sops.yaml b/.sops.yaml
index 8693a14..3aec0ae 100755
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -10,6 +10,7 @@ keys:
     - &valinor age1sxzuhh2fcd4pmaz4mdqq95t683d32ft22w9t2r7pk258u0s8wymsqdj7lg
     - &asgard age1sxzuhh2fcd4pmaz4mdqq95t683d32ft22w9t2r7pk258u0s8wymsqdj7lg
     - &gateway age1lqvnzlendlmtwgstzrj4xzrwpatwx56k5az5au78fyg99yecwfzs3s6xn6
+    - &sandbox age1pf4auk6u2tmefuqpuc6mntr26cp4wcsmlhnn98arzxsp3753ruqsj0jqk3
 
 creation_rules:
   - path_regex: modules/shared/sops/private/iriy.[a-z]+
@@ -45,6 +46,7 @@ creation_rules:
           - *avalon
           - *asgard
           - *gateway
+          - *sandbox
         pgp:
           - *sora
 
diff --git a/modules/shared/sops/common.yaml b/modules/shared/sops/common.yaml
index 1259c2d..4204a13 100755
--- a/modules/shared/sops/common.yaml
+++ b/modules/shared/sops/common.yaml
@@ -19,51 +19,60 @@ sops:
         - recipient: age1sxzuhh2fcd4pmaz4mdqq95t683d32ft22w9t2r7pk258u0s8wymsqdj7lg
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDZDJiSFIrT2R0aFlWOEZM
-            WHdiVUdnV1BYcnc4Ui8rcVBMZW44dEJiY1ZjCkR4Y0NTdDgxNVR5eVpZQlJpQ1M1
-            NTVIcXRaWXA0cjJIdHlJenA2bG5KM0kKLS0tIFhZSXByV1hhQW1NNXdGRTA4THV0
-            TDMxMEZ0dGZSV2p2N0hUL0pDdm5XVlkKiht//HEGysG/ZCdrLhCV1mc1/SVgg5OZ
-            s+hi4JcCNdUv5VP6W6UsFA78uiDjbh5mzbeyPe4/58MUG//ToAeXgQ==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvZzlBUm14dnhZSS8xWWQ1
+            VlQraTBzWkkvcGxXYXg2R25RdkQxYzBYSjNvCjExMTcybE9TOGROWUxLb21RaHdH
+            MmJ1amVTRE1VRXZDM2tiL0JLM3NjNjAKLS0tIHVNaXM4S3Vjd05PSDBlRnJWTHR5
+            a0ZSYkZZbXRHUkpqQkZINHNrek5YZWsKCzuByglq9Hyo2LYavOyzYKqu3kRK005c
+            X7ZZwmmF35RzlvBtcQavLEmKo+QimFCt8ud1Ms85nvP6Zso2xz0GcQ==
             -----END AGE ENCRYPTED FILE-----
         - recipient: age1ms8f0ysv6vakxepvt69fejczs6tddexepesdv4rkgtheehj3nu4sc6290s
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwbkhKRi9ib1JnZHJwMFQx
-            MHJPQk81dzhjQytVZ1VGeUFIYWErTHUzT0E0CjJocm5nNzJTK2VqNmk1TlJFVTRp
-            czVWYVFlN0l0RzJOckhSLytDeDBieVkKLS0tIFQ1ZzdORWFTQTIvOS9PSkdkTU5Y
-            YkV2NUhFYnZ6WlE0dDJOWGtWUTlSd0kKKKd4oxrqKNuGA1MdukqqrGkUafMsxfPS
-            ot6mvgKUeQmBKauibvUqxUoKUIeYsJzPqxo4ckaNFm26eG1SrEXVMQ==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFaTFFSlVvQVJrb1hGaWQ3
+            K3k3ZGl1UitPK2FxTUVJZTRveFhKVnZHQ0NvCmljN3ppVVF4QWhnN0ltVkV0cHd4
+            VE1sYUN3ZERWcGYxSnBaM3FsczJESncKLS0tIE10eTNwVW5HbVVKOTFLWFUvV3JU
+            ZnJJN3ZjKzUvZFVsRlhxNFF3MXVYZnMKWvmu4EQPOKWIIqS/gbPSLpMJPBVkZaMC
+            oWbQICG82dREVbZHleQ8kGXHld+o2dleTAD63fwA3evaAMMNEIMlCA==
             -----END AGE ENCRYPTED FILE-----
         - recipient: age1lqvnzlendlmtwgstzrj4xzrwpatwx56k5az5au78fyg99yecwfzs3s6xn6
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSK0hJaWxRVUVZYmczS1lU
-            eGZlL3FvOGtIbnZQbmI1NFJreTh6TVlheTFzCjhrcHRQYy85M3ZqOVVIV0Vzc1kx
-            WDlxeXdZUDYrSzFNbEFlejE5ZkxKYVEKLS0tIExvQ0g4S1R5M1h2TG5mMkYyUlN1
-            UWhmMWJuTVMwNUJzek5iNHJrT3hrK0kK6T6oOrpeanYSRHfdSnqH+BNYYsonj2Bx
-            vcHDNzDlhzojFZI1xMhn7r8ba1kEWiMIYcsVm54ULydKfY7MzBRTpQ==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzUU5nNGF2TGhaRVJGekwz
+            VGNoNFY1a2JCOXZZSUVNRDVMTzc5SWdmclM4CmtmQmp6NEhhUThZSFNYbnFLWnlj
+            cy8xVTdDQkpJRStKZnV6YmxxY2lEbmsKLS0tIHFhU3FqbTZBZWxsYW9HSmhMNEFF
+            RVdoQXkwdC9RelNEclJET0hYOGpabEkKt5gbUyc9y4YWvtZCbsttXHlj/PfUQ6GQ
+            kSwe2/DB6TXVO8Wk14H6BDlrOtFZGonhqOeg0vgwYx//FHMgA3XcLA==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1pf4auk6u2tmefuqpuc6mntr26cp4wcsmlhnn98arzxsp3753ruqsj0jqk3
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzOFVCWE15WXpVTUV5YUM0
+            b0NVU0lBcHdqeGVBNCtJZHJmNmc1UjFTTDE0ClFiQmpacU8zeXZ6WU5uUWRDRGR4
+            Q2hOV08zVjVJKzhvS25jaFVqRERDSzAKLS0tIGU3NUpFOXpON05qRWpNZkJPRzFh
+            SkxQRXNNQjAwRk9lWWcrckVCVjVzbncKAgqlfSlBo1woC+0H7AkWbYaQnzTbTiiG
+            gi52yMYcB1JzIV3xxIP4Ci2gjCtilQB+OO+yimybwTND6nLqhq038A==
             -----END AGE ENCRYPTED FILE-----
     lastmodified: "2026-05-02T18:24:38Z"
     mac: ENC[AES256_GCM,data:92OHzhYggCmyKq/FcNrbwmRTvP0TWdCm6bWYcY4k2ncC4jkmsHJijC7iyI/ePXQ0R82q9q9OmQuAszct/yPS1x2eEisIjN1v8TeYpFKoFWITQy9mgmKYQz8WRbrCH+zLRyhDFYskl85JilIP62j1gJ5TGiG66wM5foObr4jLMCI=,iv:WocHvsV2HJpnCHLAKoe8FjEvHt7EWt8+VWe30TeT6CU=,tag:+7pWtNJm7yHM86NXuZYdRw==,type:str]
     pgp:
-        - created_at: "2026-05-01T21:16:06Z"
+        - created_at: "2026-05-03T15:10:05Z"
           enc: |-
             -----BEGIN PGP MESSAGE-----
 
-            hQIMA6R3Y9nD7qMBARAAiKt59Ai/LlJyQqWYd/PMSFl3yutZ4t1LgBghHkuFm+MO
-            uDb2pwFj3xsBH7CEEfnoaXH48YSt5yJ4mp7ZsJGMsQQGD2LMvbZj7sTAXJ/5Nvp/
-            AZs3Vhw8yEmyYdI3UyGK+Cwik+8XsOvpmy9mETkidcHKyZG5H1sORWZ9seGSALOq
-            c0tc4tURnkH5xkSyxO6N4OU3ymrno5BzdFVeRzI0C2DwyFsXhMhnGoUr0KVWeRvb
-            WkYgkNGDyNWtihrmiU9CFMgB4F8WWmFOT3Z6+akPv/pvjvb1OhwcEfyPdA2mLXHI
-            ZGnhNx2UQ2+xdmi5rqjK+iW7V1KyDf2xxX5ekbziZuD0UzQPIK0SkbsElSQfeb03
-            /EtcLCKoWP2UPPCQf3vLOjrWRVy6nkIdDW20S9FelmXpzEh/hqQnSzILPLJ6Jgxv
-            I+S7JcCMUcyzI3hywb823JG0GUA8YwbNdloAKMOIz/Gxzw102YX0egyLTLUXs+fF
-            q+ZcRs6xz6a8GHF2b1GTQAyEw2zFhdryXDRl20Vai8h1UW+TYeREZspNf6L4cFMa
-            5P9Dy15LwuT99gSG9cR/p/iraSMoNb/u2Thq7OkeE0fchJh2VINbafRjViy25Nzf
-            Hpcg9Dr0cnazTGLZSoJCIfYFBSMpEVVOZu2GRSqeYMMsFzlh8S0JLrGDIS8RxI7S
-            XAGz5YTNYFeum2Ie63vDptNKbDKfTfxhwRsz3VGOjqWwJUIf6HVWaWu6sDES54Ye
-            Tfaiex84v7nkHNb4d9y5/40hZvAk7mElwrcNZ4grfYMiVVt5kTWwuNvGzCqD
-            =rfe+
+            hQIMA6R3Y9nD7qMBAQ//UxpbB350J+ux1TYL0tyIFHHZjZR1SuDF6Zz+WuVu4CC8
+            c2BJ/icaV/1czdtosYTSO++YjIWGH2cjry9b8YvFNHmQ2E0qkRM0WEc4E6SP0jj6
+            izxFjiwgtBG4B3PEj0MSKCf8vTf+lKeQToqyJ/V6REGPVe6ueWeC5YongSYMb1cL
+            1djxED6NjD25TDRbQuj/V96/HphXfmd3oeddx5Dj/LRiYMfwSFTa2e7825m/rq9Y
+            zGpdxRYRt89LZtDscaZWcHP8vBQDwL/ncLTZr+iZyYnBzrhAWBAGGewQW5LXGJXy
+            ciOXZbOF4gWZSTywoN+8xh6UBBR2dBElqYD1/us2856epK0k/5FhKAt0JTHpOmJK
+            RzV0IoNX2HFQGjSbZ0fs3ftX0Ndrw6F05aXd5FMPslu95i083aOoFu0fMocFsOFw
+            UCEdfAlLrwo+qn9q9OBB/vgL20gzxZwvGAW8SO9c7fSDX6NljPuitGaVP3HLScno
+            zNrPgFWn1BLUe/4Hygmzg8oROtJ5TNLYIMWVXgVEM+GHNH+euMGjuPMpX4VZCv0S
+            +Fqcbf58EUPqGRvyHZSopSKAI5b5wXQihBeN5k5mVcD8iYCYJIOZCD+M29UMg2xM
+            DpKVPC0osKelD3ocW/N50R1pBzMMuPZaXJ2NepWk12VtziYVeYcJdFIk3vkEEkfS
+            XAHKQVdaVI91NEeoNySqDdOQyiQzuWUBkDmcolVhy6S9Avb2WBscLbXs52iXIAIG
+            2xKxuo4+4rthWUF2vnaH30/i0p7SNqFzUdmJGiOpJB6zMommBxOfo3n/cNXv
+            =1VZt
             -----END PGP MESSAGE-----
           fp: 4E241635F8EDD2919D2FB44CA362EA0491E2EEA0
     unencrypted_suffix: _unencrypted
diff --git a/systems/sandbox/default.nix b/systems/sandbox/default.nix
index abf89c8..0e55d0f 100644
--- a/systems/sandbox/default.nix
+++ b/systems/sandbox/default.nix
@@ -1,9 +1,4 @@
 { config, inputs, ... }: {
   imports = [ ./hardware.nix ../../modules/server ];
-
-  services.openssh.enable = true;
-  users.users.root.openssh.authorizedKeys.keys = [
-    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC0GpKd62XMlO410/iYkNG8MHdGGaeMG3Gmsf3Pv3u2BllUzR9Dpym1ZOz2lwo3iK0FimcQpOiJqSIahO59HJl8jQ9BoQrJMXH7l2kuq1T09cMNWGjlzowg0LWKWOzoBzOwcheyW68OJGgkSfvk9BdshkUYTLVBXjiI9jo/8Qkcv1WLJJvJmDBDwnbYDQpODXCEDQ/t3YVubb+ocLmh40sDUffJLWZQXN6OFW9N5XxnvY7K5x9ci9GU4Reei40K8yDw2Hgi0njzijRdzie3MJlKPPawJ2TATu9LsGuxfx8bJXVx+mNxP0lhO8dOOhP7p0ozTxlJJY9ZWaKgOz3SzYNCgJ1gH7NtTBtSruXd6pfmErUmuJEAeMD6+QF3yJ5tnVFNPoSHqjP+oL3CgSRpmuvn7ChSSI3J3UVhLux165VtwIL7UhosO2mCqmn0Yk2mSBkB/L4ZiWFmO3vYdagYNQX7xZHzCJ5my8vomiT+DUGb2h/o1NetKwIZJiFAuHxKt3k= sora@valinor"
-  ];
 }