summaryrefslogblamecommitdiff
path: root/components/services/openssh.nix
blob: eb52bf1b8a759b54eaef4e19190b47f0ee4579f9 (plain) (tree) 
bb11479 ^












44024e8 ^









bb11479 ^



1
2
3
4
5
6
7
8
9
10
11
12

13
14
15
16
17
18
19
20
21

22
23
24












                                                               








                                   


      
{lib, config, ...}: {
  options.openssh.enable = lib.mkEnableOption "OpenSSH server";

  config = lib.mkIf config.openssh.enable {
    services.openssh = {
      enable = true;

      settings = {
        PermitRootLogin = "no";
        PasswordAuthentication = false;
        PrintMotd = false;
      };

      extraConfig = ''
        Match user git
          AllowTcpForwarding no
          AllowAgentForwarding no
          PasswordAuthentication no
          PermitTTY no
          X11Forwarding no
      '';
    };
  };
}
generated by cgit v1.3 (git 2.53.0) at 2026-03-24 05:28:51 +0000