puter/common/ssh.nix

{
  lib,
  pkgs,
  ...
}: {
  age.identityPaths = ["/etc/ssh/ssh_host_ed25519_key"];

  services.openssh = {
    enable = true;
    openFirewall = true;
    hostKeys = [
      {
        path = "/etc/ssh/ssh_host_ed25519_key";
        type = "ed25519";
      }
    ];
    settings = {
      PermitRootLogin = "forced-commands-only";
      PasswordAuthentication = false;
    };
  };

  programs.ssh = {
    startAgent = true;
    enableAskPassword = true;
    askPassword = lib.getExe' pkgs.ksshaskpass "ksshaskpass";
  };

  environment.etc."ssh/ssh_config".text = lib.mkAfter ''
    Compression yes
    ServerAliveInterval 60
  '';
}
Plasma 6 2024-02-24 23:51:34 +00:00			`{`
			`lib,`
			`pkgs,`
			`...`
			`}: {`
revamp 2024-07-01 22:06:05 +00:00			`age.identityPaths = ["/etc/ssh/ssh_host_ed25519_key"];`
improvements 2024-02-21 21:08:11 +00:00
			`services.openssh = {`
			`enable = true;`
			`openFirewall = true;`
			`hostKeys = [`
			`{`
			`path = "/etc/ssh/ssh_host_ed25519_key";`
			`type = "ed25519";`
			`}`
			`];`
			`settings = {`
stuff 2024-09-15 15:17:44 +00:00			`PermitRootLogin = "forced-commands-only";`
improvements 2024-02-21 21:08:11 +00:00			`PasswordAuthentication = false;`
			`};`
			`};`

Plasma 6 2024-02-24 23:51:34 +00:00			`programs.ssh = {`
			`startAgent = true;`
revamp 2024-07-01 22:06:05 +00:00			`enableAskPassword = true;`
Plasma 6 2024-02-24 23:51:34 +00:00			`askPassword = lib.getExe' pkgs.ksshaskpass "ksshaskpass";`
			`};`
init 2024-02-04 20:51:11 +00:00
			`environment.etc."ssh/ssh_config".text = lib.mkAfter ''`
			`Compression yes`
			`ServerAliveInterval 60`
			`'';`
			`}`