From 01de9fafc8434c8728b7dff9fb4fbd20bdc9b51a Mon Sep 17 00:00:00 2001
From: Xavier Detant <1016863+FaustXVI@users.noreply.github.com>
Date: Sun, 29 Dec 2024 14:01:55 +0100
Subject: [PATCH] configure ssh server

---
 modules/hardware/network.nix | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/modules/hardware/network.nix b/modules/hardware/network.nix
index 31186c3..9cb6109 100644
--- a/modules/hardware/network.nix
+++ b/modules/hardware/network.nix
@@ -22,12 +22,14 @@
   services = {
     openssh = {
       enable = true;
+      openFirewall = true;
       settings = {
+        PasswordAuthentication = false;
+        KbdInteractiveAuthentication = false;
+        PermitRootLogin = "no";
         GatewayPorts = "yes";
+        StreamLocalBindUnlink="yes";
       };
-      extraConfig = ''
-        StreamLocalBindUnlink yes
-      '';
     };
   };
 }