Chris Toph
8eba3b905c
- Consolidates SSH config into a unified file - Replaces deprecated config files and updates file sources - Ensures proper SSH key permission handling and mapping
22 lines
490 B
Nix
22 lines
490 B
Nix
{
|
|
programs.ssh.startAgent = true;
|
|
|
|
services.openssh = {
|
|
enable = true;
|
|
ports = [ 22 ];
|
|
|
|
settings = {
|
|
AllowUsers = null; # everyone
|
|
# Harden
|
|
PasswordAuthentication = false;
|
|
PermitRootLogin = "no";
|
|
KbdInteractiveAuthentication = false;
|
|
# Automatically remove stale sockets
|
|
StreamLocalBindUnlink = "yes";
|
|
# Allow forwarding ports to everywhere
|
|
GatewayPorts = "clientspecified";
|
|
};
|
|
};
|
|
|
|
networking.[REDACTED] 22 ];
|
|
}
|