14 lines
340 B
Nix
14 lines
340 B
Nix
{ lib, ... }: {
|
|
services.openssh = {
|
|
enable = true;
|
|
passwordAuthentication = false;
|
|
kbdInteractiveAuthentication = lib.mkDefault false;
|
|
permitRootLogin = "prohibit-password";
|
|
kexAlgorithms = [ "curve25519-sha256@libssh.org" ];
|
|
extraConfig = ''
|
|
StreamLocalBindUnlink yes
|
|
LogLevel VERBOSE
|
|
'';
|
|
};
|
|
}
|