nixfiles/profiles/sshd/sshd.nix

{lib, ...}: let
  inherit (lib.modules) mkDefault;
in {
  services.openssh = {
    enable = true;
    settings = {
      PermitRootLogin = "prohibit-password";
      PasswordAuthentication = false;
      KbdInteractiveAuthentication = mkDefault false;
      StreamLocalBindUnlink = true;
      KexAlgorithms = ["curve25519-sha256@libssh.org"];
      LogLevel = "VERBOSE";
    };
  };
}
updates, tidying, hetzner-vm container scripts, better cryptsetup unlock with plymouth 2023-09-01 01:46:14 +01:00			`{lib, ...}: let`
			`inherit (lib.modules) mkDefault;`
			`in {`
improve sshd and add kitty's terminfo 2021-12-28 23:10:59 +00:00			`services.openssh = {`
			`enable = true;`
openssh & piped fixes 2023-02-09 15:22:55 +00:00			`settings = {`
			`PermitRootLogin = "prohibit-password";`
			`PasswordAuthentication = false;`
updates, tidying, hetzner-vm container scripts, better cryptsetup unlock with plymouth 2023-09-01 01:46:14 +01:00			`KbdInteractiveAuthentication = mkDefault false;`
openssh & piped fixes 2023-02-09 15:22:55 +00:00			`StreamLocalBindUnlink = true;`
sshd config changes 2023-02-09 16:20:45 +00:00			`KexAlgorithms = ["curve25519-sha256@libssh.org"];`
openssh & piped fixes 2023-02-09 15:22:55 +00:00			`LogLevel = "VERBOSE";`
			`};`
improve sshd and add kitty's terminfo 2021-12-28 23:10:59 +00:00			`};`
format nixfiles 2021-12-28 22:06:26 +00:00			`}`