32 lines
661 B
Nix
Executable file
32 lines
661 B
Nix
Executable file
{...}: {
|
|
services.openssh = {
|
|
enable = true;
|
|
settings = {
|
|
PasswordAuthentication = false;
|
|
KbdInteractiveAuthentication = false;
|
|
AllowUsers = null;
|
|
PermitRootLogin = "no";
|
|
};
|
|
banner = ''
|
|
OI! THIS IS A REALLY PRIVATE SERVER
|
|
IF YOU'RE NOT WHO I THINK YOU ARE THEN FOCK OFF!
|
|
'';
|
|
|
|
hostKeys = [
|
|
{
|
|
bits = 4096;
|
|
path = "/etc/ssh/ssh_host_rsa_key";
|
|
type = "rsa";
|
|
}
|
|
{
|
|
path = "/etc/ssh/ssh_host_ed25519_key";
|
|
type = "ed25519";
|
|
}
|
|
];
|
|
};
|
|
|
|
programs.ssh.startAgent = true;
|
|
programs.mtr.enable = true;
|
|
programs.gnupg.agent.enable = true;
|
|
}
|