added sshd config.

2024-06-03 17:36:45 -05:00 · 2024-06-03 17:36:45 -05:00 · b04ab13d39
parent 4127c28ed6
commit b04ab13d39
3 changed files with 23 additions and 2 deletions
--- a/configs/nixos/sshd.nix
+++ b/configs/nixos/sshd.nix
@ -0,0 +1,20 @@
+{
+  config,
+  pkgs,
+  inputs,
+  outputs,
+  ...
+}: {
+  services.openssh = {
+    enable = true;
+    settings.PermitRootLogin = "prohibit-password";
+    settings.PasswordAuthentication = false;
+  };
+  # so we dont have to set TERM everytime we ssh in.
+  environment.systemPackages = with pkgs; [
+    kitty.terminfo
+  ];
+  # if it can log into root, it should also be able to log in to the main user.
+  users.users.${config.host.user}.openssh.authorizedKeys.keys =
+    config.users.users.root.openssh.authorizedKeys.keys;
+}
--- a/hosts/archlaptop-vm/default.nix
+++ b/hosts/archlaptop-vm/default.nix
@ -17,6 +17,8 @@ inputs.nixpkgs.lib.nixosSystem {
    ../../configs/nixos/sound.nix
    ../../configs/nixos/interactive-networking.nix
    ../../configs/nixos/i3
+    ../../configs/nixos/sshd.nix
+    ./secrets.nix
    ({
      config,
      pkgs,
@ -58,7 +60,6 @@ inputs.nixpkgs.lib.nixosSystem {
          firefox
          #  thunderbird
        ];
-        openssh.authorizedKeys.keys=config.users.users.root.openssh.authorizedKeys.keys;
      };

      home-manager.users.${config.host.user} = {
--- a/hosts/workstation-vm/default.nix
+++ b/hosts/workstation-vm/default.nix
@ -21,6 +21,7 @@ inputs.nixpkgs.lib.nixosSystem {
    ../../configs/nixos/nfsv2.nix
    ../../configs/nixos/i3
    ../../configs/nixos/common.nix
+    ../../configs/nixos/sshd.nix
    ./secrets.nix
    ({
      config,
@ -65,7 +66,6 @@ inputs.nixpkgs.lib.nixosSystem {
          firefox
          #  thunderbird
        ];
-        openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
      };

      home-manager.users.${config.host.user} = {