added sshd config.

configs/nixos/sshd.nix

@@ -0,0 +1,20 @@
+{
+  config,
+  pkgs,
+  inputs,
+  outputs,
+  ...
+}: {
+  services.openssh = {
+    enable = true;
+    settings.PermitRootLogin = "prohibit-password";
+    settings.PasswordAuthentication = false;
+  };
+  # so we dont have to set TERM everytime we ssh in.
+  environment.systemPackages = with pkgs; [
+    kitty.terminfo
+  ];
+  # if it can log into root, it should also be able to log in to the main user.
+  users.users.${config.host.user}.openssh.authorizedKeys.keys =
+    config.users.users.root.openssh.authorizedKeys.keys;
+}

hosts/archlaptop-vm/default.nix

@@ -17,6 +17,8 @@ inputs.nixpkgs.lib.nixosSystem {
     ../../configs/nixos/sound.nix
     ../../configs/nixos/interactive-networking.nix
     ../../configs/nixos/i3
+    ../../configs/nixos/sshd.nix
+    ./secrets.nix
     ({
       config,
       pkgs,
@@ -58,7 +60,6 @@ inputs.nixpkgs.lib.nixosSystem {
           firefox
           #  thunderbird
         ];
-        openssh.authorizedKeys.keys=config.users.users.root.openssh.authorizedKeys.keys;
       };
 
       home-manager.users.${config.host.user} = {

hosts/workstation-vm/default.nix

@@ -21,6 +21,7 @@ inputs.nixpkgs.lib.nixosSystem {
     ../../configs/nixos/nfsv2.nix
     ../../configs/nixos/i3
     ../../configs/nixos/common.nix
+    ../../configs/nixos/sshd.nix
     ./secrets.nix
     ({
       config,
@@ -65,7 +66,6 @@ inputs.nixpkgs.lib.nixosSystem {
           firefox
           #  thunderbird
         ];
-        openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
       };
 
       home-manager.users.${config.host.user} = {