2020-02-17 17:00:59 +04:00
|
|
|
{ pkgs, config, lib, ... }: {
|
|
|
|
services.openssh = {
|
|
|
|
enable = true;
|
2023-02-16 18:51:34 +04:00
|
|
|
settings = {
|
|
|
|
PasswordAuthentication = false;
|
|
|
|
PermitRootLogin = "no";
|
|
|
|
X11Forwarding = true;
|
|
|
|
};
|
2021-06-06 19:59:19 +04:00
|
|
|
extraConfig = "StreamLocalBindUnlink yes";
|
2020-02-28 12:44:12 +04:00
|
|
|
ports = [ 22 ];
|
2020-02-17 17:00:59 +04:00
|
|
|
};
|
|
|
|
|
2021-06-08 20:35:21 +04:00
|
|
|
persist.state.etcFiles = [
|
|
|
|
"ssh/ssh_host_ed25519_key"
|
|
|
|
"ssh/ssh_host_ed25519_key.pub"
|
|
|
|
"ssh/ssh_host_rsa_key"
|
|
|
|
"ssh/ssh_host_rsa_key.pub"
|
|
|
|
];
|
|
|
|
|
2021-10-19 03:30:07 +04:00
|
|
|
persist.state.directories = [ "/home/balsoft/.ssh" ];
|
2021-06-08 20:52:32 +04:00
|
|
|
|
2023-02-16 18:51:34 +04:00
|
|
|
users.users.balsoft.openssh.authorizedKeys.keys = [
|
|
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDd2OdcSHUsgezuV+cpFqk9+Svtup6PxIolv1zokVZdqvS8qxLsA/rwYmQgTnuq4/zK/GIxcUCH4OxYlW6Or4M4G7qrDKcLAUrRPWkectqEooWRflZXkfHduMJhzeOAsBdMfYZQ9024GwKr/4yriw2BGa8GbbAnQxiSeTipzvXHoXuRME+/2GsMFAfHFvxzXRG7dNOiLtLaXEjUPUTcw/fffKy55kHtWxMkEvvcdyR53/24fmO3kLVpEuoI+Mp1XFtX3DvRM9ulgfwZUn8/CLhwSLwWX4Xf9iuzVi5vJOJtMOktQj/MwGk4tY/NPe+sIk+nAUKSdVf0y9k9JrJT98S/ comment"
|
|
|
|
];
|
2020-02-17 17:00:59 +04:00
|
|
|
|
2023-02-16 18:51:34 +04:00
|
|
|
# secrets.ssh_key = {
|
|
|
|
# services = [ ];
|
|
|
|
# decrypted = "/root/.ssh/id_ed25519";
|
|
|
|
# };
|
2021-06-07 19:22:59 +04:00
|
|
|
|
2020-02-28 12:44:12 +04:00
|
|
|
home-manager.users.balsoft.programs.ssh = {
|
2020-02-17 17:00:59 +04:00
|
|
|
enable = true;
|
2023-02-16 18:51:34 +04:00
|
|
|
matchBlocks = { "*" = { compression = false; }; };
|
2020-02-28 12:44:12 +04:00
|
|
|
};
|
2020-02-17 17:00:59 +04:00
|
|
|
}
|