17 lines
495 B
Nix
17 lines
495 B
Nix
{
|
|
networking.firewall.allowedTCPPorts = [ 22 ];
|
|
services.openssh = {
|
|
enable = true;
|
|
allowSFTP = false;
|
|
settings.PasswordAuthentication = false;
|
|
settings.KbdInteractiveAuthentication = false;
|
|
settings.X11Forwarding = false;
|
|
settings.PermitRootLogin = "prohibit-password";
|
|
extraConfig = ''
|
|
AllowAgentForwarding no
|
|
AllowStreamLocalForwarding no
|
|
AuthenticationMethods publickey
|
|
'';
|
|
};
|
|
}
|