nixos-config/modules/workspace/ssh.nix

29 lines
1.1 KiB
Nix
Raw Normal View History

2020-02-17 17:00:59 +04:00
{ pkgs, config, lib, ... }: {
services.openssh = {
enable = true;
passwordAuthentication = false;
permitRootLogin = "no";
forwardX11 = true;
2021-06-06 19:59:19 +04:00
extraConfig = "StreamLocalBindUnlink yes";
ports = [ 22 ];
2020-02-17 17:00:59 +04:00
};
users.users.balsoft.openssh.authorizedKeys.keys =
["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDd2OdcSHUsgezuV+cpFqk9+Svtup6PxIolv1zokVZdqvS8qxLsA/rwYmQgTnuq4/zK/GIxcUCH4OxYlW6Or4M4G7qrDKcLAUrRPWkectqEooWRflZXkfHduMJhzeOAsBdMfYZQ9024GwKr/4yriw2BGa8GbbAnQxiSeTipzvXHoXuRME+/2GsMFAfHFvxzXRG7dNOiLtLaXEjUPUTcw/fffKy55kHtWxMkEvvcdyR53/24fmO3kLVpEuoI+Mp1XFtX3DvRM9ulgfwZUn8/CLhwSLwWX4Xf9iuzVi5vJOJtMOktQj/MwGk4tY/NPe+sIk+nAUKSdVf0y9k9JrJT98S/ comment"];
services.udev.packages = [ pkgs.yubikey-personalization ];
2021-05-10 04:04:18 +04:00
# home-manager.users.balsoft.home.sessionVariables.SSH_AUTH_SOCK = "/run/user/1000/gnupg/S.gpg-agent.ssh";
home-manager.users.balsoft.home.file.".gnupg/scdaemon.conf".text = "reader-port Yubico Yubi";
home-manager.users.balsoft.programs.ssh = {
2020-02-17 17:00:59 +04:00
enable = true;
matchBlocks = {
"*" = {
compression = false;
};
};
};
2020-02-17 17:00:59 +04:00
}