1 files changed, 19 insertions, 0 deletions

diff --git a/common/ssh.nix b/common/ssh.nix
new file mode 100644
index 0000000..3af78d7
--- /dev/null
+++ b/common/ssh.nix
@@ -0,0 +1,19 @@
+{config, ...}: {
+  users.users.root.openssh.authorizedKeys.keys = [
+    config.customOps.owner.pubkey
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII5gY2Jgg7MInzaWWq8c4+fT5DKdCBKM3kvgtqfcDxVI adonis"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBcnEzwChlKUFUYHEUOQsCfVmkqm/FvWeItw3B0Z/uO4 aphrodite"
+  ];
+  services.openssh = {
+    enable = true;
+    ports = [22];
+    settings = {
+      PasswordAuthentication = false;
+      KbdInteractiveAuthentication = false;
+      AllowUsers = null;
+      UseDns = true;
+      X11Forwarding = false;
+      PermitRootLogin = "prohibit-password";
+    };
+  };
+}