19 lines
500 B
Nix
19 lines
500 B
Nix
# SSH server
|
|
{ config, ... }: {
|
|
services.openssh = {
|
|
enable = true;
|
|
ports = [ 22 ];
|
|
settings = {
|
|
PasswordAuthentication = true;
|
|
AllowUsers = [
|
|
config.var.username
|
|
]; # "null" allows all users by default. Can be [ "user1" "user2" ]
|
|
UseDns = true;
|
|
X11Forwarding = false;
|
|
PermitRootLogin =
|
|
"no"; # "yes", "without-password", "prohibit-password", "forced-commands-only", "no"
|
|
};
|
|
};
|
|
networking.firewall.allowedTCPPorts = [ 22 ];
|
|
}
|