dotfiles/nix/server/ssh.nix
2025-01-27 01:16:04 +04:00

20 lines
326 B
Nix

{ config
, pkgs
, lib
, ...
}:
let
cfg = config.kp2pml30.server;
in {
services.openssh = {
enable = true;
ports = [ 22 ];
openFirewall = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = lib.mkForce "no";
AllowUsers = [ cfg.username ];
};
};
}