14 lines
336 B
Nix
14 lines
336 B
Nix
{lib, ...}: {
|
|
services.openssh = {
|
|
enable = true;
|
|
passwordAuthentication = false;
|
|
kbdInteractiveAuthentication = lib.mkDefault false;
|
|
permitRootLogin = "prohibit-password";
|
|
kexAlgorithms = ["curve25519-sha256@libssh.org"];
|
|
extraConfig = ''
|
|
StreamLocalBindUnlink yes
|
|
LogLevel VERBOSE
|
|
'';
|
|
};
|
|
}
|