21 lines
447 B
Nix
21 lines
447 B
Nix
{ config, lib, ... }:
|
|
let
|
|
cfg = config.my.systems.ssh;
|
|
in
|
|
{
|
|
options.my.systems.ssh = {
|
|
enable = lib.mkEnableOption "Enable SSH Server";
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
|
|
services.openssh = {
|
|
enable = true;
|
|
|
|
# require public key authentication for better security
|
|
settings.PasswordAuthentication = false;
|
|
settings.KbdInteractiveAuthentication = false;
|
|
settings.PermitRootLogin = false;
|
|
};
|
|
};
|
|
}
|