14 lines
346 B
Nix
14 lines
346 B
Nix
{lib, ...}: {
|
|
services.openssh = {
|
|
enable = true;
|
|
settings = {
|
|
PermitRootLogin = "prohibit-password";
|
|
PasswordAuthentication = false;
|
|
KbdInteractiveAuthentication = lib.mkDefault false;
|
|
StreamLocalBindUnlink = true;
|
|
LogLevel = "VERBOSE";
|
|
};
|
|
kexAlgorithms = ["curve25519-sha256@libssh.org"];
|
|
};
|
|
}
|