20 lines
601 B
Nix
20 lines
601 B
Nix
|
{ username, ... }: let
|
||
|
|
keys = [
|
||
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINkHOpdBpYV3KJV+AtBK3jD6MLDZzAwh9HFt0LsLxBV0" # Old key
|
||
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDEDqpSiQpbSsClh6UGb7Z2DA1Hy+EyePzTy+5hEVD/A" # Main key
|
||
|
|
];
|
||
|
|
in {
|
||
|
|
users.users.${username}.openssh.authorizedKeys.keys = keys;
|
||
|
|
users.users.root.openssh.authorizedKeys.keys = keys;
|
||
|
|
services.openssh = {
|
||
|
|
enable = true;
|
||
|
|
settings = {
|
||
|
|
PasswordAuthentication = false;
|
||
|
|
KbdInteractiveAuthentication = false;
|
||
|
|
PermitRootLogin = "prohibit-password";
|
||
|
|
};
|
||
|
|
ports = [ 22 ];
|
||
|
|
openFirewall = true;
|
||
|
|
};
|
||
|
|
}
|