diff options
Diffstat (limited to 'nix/modules/ssh.nix')
| -rw-r--r-- | nix/modules/ssh.nix | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/nix/modules/ssh.nix b/nix/modules/ssh.nix index db0ebd3..c816f1c 100644 --- a/nix/modules/ssh.nix +++ b/nix/modules/ssh.nix @@ -3,10 +3,11 @@ services.openssh = { enable = true; settings = { - PasswordAuthentication = lib.mkDefault (! config.monorepo.profiles.server.enable); - AllowUsers = [ config.monorepo.vars.userName "root" "git" ]; - PermitRootLogin = "prohibit-password"; + PasswordAuthentication = false; + AllowUsers = [ config.monorepo.vars.userName "git" ]; + PermitRootLogin = "no"; KbdInteractiveAuthentication = false; }; }; + networking.firewall.allowedTCPPorts = lib.mkIf config.services.openssh.enable [ 22 ]; } |