diff options
| author | sils <sils@sils.li> | 2023-01-20 22:28:23 +0100 |
|---|---|---|
| committer | sils <sils@sils.li> | 2023-01-20 22:28:23 +0100 |
| commit | 22aa391c3d423023d7a92d39d8d28178301feb9a (patch) | |
| tree | fd7d023055d7f535e55c4796e5fabd68d1c666b8 /services/opensshd.nix | |
| parent | Merge pull request 'server1_rust-motd' (#11) from server1_rust-motd into server1 (diff) | |
| parent | Revert "Fix: revert changes in configuration.nix" (diff) | |
| download | nixos-server-22aa391c3d423023d7a92d39d8d28178301feb9a.tar.gz nixos-server-22aa391c3d423023d7a92d39d8d28178301feb9a.zip | |
Merge pull request 'Remove ssh from the config file and make it's keys persistent' (#9) from server1_ssh into server1
Reviewed-on: https://git.sils.li/vhack.eu/nixos-server/pulls/9 Reviewed-by: sils <sils@sils.li>
Diffstat (limited to '')
| -rw-r--r-- | services/opensshd.nix | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/services/opensshd.nix b/services/opensshd.nix new file mode 100644 index 0000000..4bd38fd --- /dev/null +++ b/services/opensshd.nix @@ -0,0 +1,19 @@ +{ config, pkg, ... }: { + services.openssh = { + enable = true; + passwordAuthentication = false; + extraConfig = '' + PrintMotd yes + ''; # this could be done with pam + hostKeys = [{ + comment = "key comment"; + path = "/srv/sshd/ssh_host_ed25519_key"; + rounds = 1000; + type = "ed25519"; + }]; + }; + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGBFuTNNn71Rhfnop2cdz3r/RhWWlCePnSBOhTBbu2ME soispha" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG63gxw8JePmrC8Fni0pLV4TnPBhCPmSV9FYEdva+6s7 sils" + ]; +} |