diff options
| author | sils <sils@sils.li> | 2023-01-20 22:34:22 +0100 | 
|---|---|---|
| committer | sils <sils@sils.li> | 2023-01-20 22:34:22 +0100 | 
| commit | 259e4107ed4e841484a3c818c5367971d29feeb9 (patch) | |
| tree | fc1b91f08f214eff15fdbb527c0360e1db7dcfe5 | |
| parent | Merge branch 'server1' into server1_users (diff) | |
| parent | Merge pull request 'Remove ssh from the config file and make it's keys persis... (diff) | |
| download | nixos-server-259e4107ed4e841484a3c818c5367971d29feeb9.zip | |
Merge branch 'server1' into server1_users
| -rw-r--r-- | configuration.nix | 1 | ||||
| -rw-r--r-- | services/opensshd.nix | 19 | 
2 files changed, 20 insertions, 0 deletions
| diff --git a/configuration.nix b/configuration.nix index 1c06bb2..75701ad 100644 --- a/configuration.nix +++ b/configuration.nix @@ -8,6 +8,7 @@ ./services/minecraft.nix ./services/rust-motd.nix + ./services/opensshd.nix ]; boot.cleanTmpDir = true; diff --git a/services/opensshd.nix b/services/opensshd.nix new file mode 100644 index 0000000..4bd38fd --- /dev/null +++ b/services/opensshd.nix @@ -0,0 +1,19 @@ +{ config, pkg, ... }: { + services.openssh = { + enable = true; + passwordAuthentication = false; + extraConfig = '' + PrintMotd yes + ''; # this could be done with pam + hostKeys = [{ + comment = "key comment"; + path = "/srv/sshd/ssh_host_ed25519_key"; + rounds = 1000; + type = "ed25519"; + }]; + }; + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGBFuTNNn71Rhfnop2cdz3r/RhWWlCePnSBOhTBbu2ME soispha" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG63gxw8JePmrC8Fni0pLV4TnPBhCPmSV9FYEdva+6s7 sils" + ]; +} | 
