diff --git a/modules/hardware/network.nix b/modules/hardware/network.nix
index 31186c3..9cb6109 100644
--- a/modules/hardware/network.nix
+++ b/modules/hardware/network.nix
@@ -22,12 +22,14 @@
   services = {
     openssh = {
       enable = true;
+      openFirewall = true;
       settings = {
+        PasswordAuthentication = false;
+        KbdInteractiveAuthentication = false;
+        PermitRootLogin = "no";
         GatewayPorts = "yes";
+        StreamLocalBindUnlink="yes";
       };
-      extraConfig = ''
-        StreamLocalBindUnlink yes
-      '';
     };
   };
 }