Set PermitRootLogin as a default value

2025-01-17 01:18:08 -05:00 · 2025-01-17 01:18:08 -05:00 · fb2f410e89
commit fb2f410e89
parent 0a2c3d46e0
1 changed files with 17 additions and 13 deletions
--- a/common/ssh/default.nix
+++ b/common/ssh/default.nix
@ -1,17 +1,21 @@
 {
-    programs.ssh.startAgent = true;
+  lib,
+  ...
+}:
+{
+  programs.ssh.startAgent = true;

-    users.users.root.openssh.authorizedKeys.keys = [
-        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIClZstYoT64zHnGfE7LMYNiQPN5/gmCt382lC+Ji8lrH PVE"
-    ];
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIClZstYoT64zHnGfE7LMYNiQPN5/gmCt382lC+Ji8lrH PVE"
+  ];

-    services.openssh = {
-        enable = true;
-        settings = {
-            AllowUsers = null; # everyone
-            PasswordAuthentication = false;
-            KbdInteractiveAuthentication = false;
-            PermitRootLogin = "no";
-        };
+  services.openssh = {
+    enable = true;
+    settings = {
+      AllowUsers = null; # everyone
+      PasswordAuthentication = false;
+      KbdInteractiveAuthentication = false;
+      PermitRootLogin = lib.mkDefault "no";
    };
+  };
 }