From d9317de584c66b068a336889aa9adc3ac3837e5e Mon Sep 17 00:00:00 2001
From: tzlil <tzlils@protonmail.com>
Date: Sat, 21 Jan 2023 17:34:49 +0200
Subject: change deploy-rs to nixinate, change user to use passwordFile, add
 password age secret, remove NetworkManager-wait-online.service

---
 profiles/ssh.nix | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'profiles/ssh.nix')

diff --git a/profiles/ssh.nix b/profiles/ssh.nix
index e0a623a..4c12cc7 100644
--- a/profiles/ssh.nix
+++ b/profiles/ssh.nix
@@ -5,10 +5,7 @@
     services.openssh = {
       enable = true;
       openFirewall = false;
-      passwordAuthentication = false;
-      kbdInteractiveAuthentication = false;
       allowSFTP = false;
-      permitRootLogin = "no";
       startWhenNeeded = true;
       extraConfig = ''
         AllowTcpForwarding yes
@@ -20,6 +17,11 @@
 
         AllowUsers tzlil
       '';
+      settings = {
+        permitRootLogin = "no";
+        passwordAuthentication = false;
+        kbdInteractiveAuthentication = false;
+      };
     };
     environment.persistence."/nix/persist" = {
       hideMounts = true;
-- 
cgit 1.4.1