From c7349e466fef7ecff5a46b1d0c819975a6bdcb8c Mon Sep 17 00:00:00 2001
From: toufic ar <contact@toufy.me>
Date: Wed, 22 Apr 2026 14:08:19 +0300
Subject: initial commit

---
 common/ssh.nix | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 common/ssh.nix

(limited to 'common/ssh.nix')

diff --git a/common/ssh.nix b/common/ssh.nix
new file mode 100644
index 0000000..3af78d7
--- /dev/null
+++ b/common/ssh.nix
@@ -0,0 +1,19 @@
+{config, ...}: {
+  users.users.root.openssh.authorizedKeys.keys = [
+    config.customOps.owner.pubkey
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII5gY2Jgg7MInzaWWq8c4+fT5DKdCBKM3kvgtqfcDxVI adonis"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBcnEzwChlKUFUYHEUOQsCfVmkqm/FvWeItw3B0Z/uO4 aphrodite"
+  ];
+  services.openssh = {
+    enable = true;
+    ports = [22];
+    settings = {
+      PasswordAuthentication = false;
+      KbdInteractiveAuthentication = false;
+      AllowUsers = null;
+      UseDns = true;
+      X11Forwarding = false;
+      PermitRootLogin = "prohibit-password";
+    };
+  };
+}
-- 
cgit v1.2.3