17 lines
363 B
Nix
17 lines
363 B
Nix
{ lib, ... }:
|
|
|
|
{
|
|
|
|
services.openssh.enable = true;
|
|
services.openssh.settings = {
|
|
PasswordAuthentication = false;
|
|
KbdInteractiveAuthentication = false;
|
|
PermitRootLogin = lib.mkDefault "no";
|
|
};
|
|
services.openssh.hostKeys = lib.mkForce [
|
|
# Only create ed25519 host keys
|
|
{ type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
|
|
];
|
|
|
|
}
|