added sshd config.

This commit is contained in:
Gabe Venberg 2024-06-03 17:36:45 -05:00
parent 4127c28ed6
commit b04ab13d39
3 changed files with 23 additions and 2 deletions

20
configs/nixos/sshd.nix Normal file
View file

@ -0,0 +1,20 @@
{
config,
pkgs,
inputs,
outputs,
...
}: {
services.openssh = {
enable = true;
settings.PermitRootLogin = "prohibit-password";
settings.PasswordAuthentication = false;
};
# so we dont have to set TERM everytime we ssh in.
environment.systemPackages = with pkgs; [
kitty.terminfo
];
# if it can log into root, it should also be able to log in to the main user.
users.users.${config.host.user}.openssh.authorizedKeys.keys =
config.users.users.root.openssh.authorizedKeys.keys;
}

View file

@ -17,6 +17,8 @@ inputs.nixpkgs.lib.nixosSystem {
../../configs/nixos/sound.nix ../../configs/nixos/sound.nix
../../configs/nixos/interactive-networking.nix ../../configs/nixos/interactive-networking.nix
../../configs/nixos/i3 ../../configs/nixos/i3
../../configs/nixos/sshd.nix
./secrets.nix
({ ({
config, config,
pkgs, pkgs,
@ -58,7 +60,6 @@ inputs.nixpkgs.lib.nixosSystem {
firefox firefox
# thunderbird # thunderbird
]; ];
openssh.authorizedKeys.keys=config.users.users.root.openssh.authorizedKeys.keys;
}; };
home-manager.users.${config.host.user} = { home-manager.users.${config.host.user} = {

View file

@ -21,6 +21,7 @@ inputs.nixpkgs.lib.nixosSystem {
../../configs/nixos/nfsv2.nix ../../configs/nixos/nfsv2.nix
../../configs/nixos/i3 ../../configs/nixos/i3
../../configs/nixos/common.nix ../../configs/nixos/common.nix
../../configs/nixos/sshd.nix
./secrets.nix ./secrets.nix
({ ({
config, config,
@ -65,7 +66,6 @@ inputs.nixpkgs.lib.nixosSystem {
firefox firefox
# thunderbird # thunderbird
]; ];
openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
}; };
home-manager.users.${config.host.user} = { home-manager.users.${config.host.user} = {