CrazyChaoz/NixOS-Configuration
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Enable OpenSSH and allow SSH access

Browse source 
Enable and configure openssh service:
- enable service
- disable PasswordAuthentication and KbdInteractiveAuthentication
- set PermitRootLogin to prohibit-password (allow root keys only)
- add ed25519 public key to authorizedKeys
  Open firewall TCP port 22
This commit is contained in:
Stefan Kempinger 2026-01-24 13:50:48 +01:00
parent 1833e6708d
commit 074d164e95
1 changed files with 16 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

16
wohnzimmer/configuration.nix
View file

@ -57,6 +57,10 @@
# Enable networking # Enable networking
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
networking.firewall.allowedTCPPorts = [
22
];
nix = { nix = {
extraOptions = '' extraOptions = ''
experimental-features = nix-command flakes impure-derivations ca-derivations experimental-features = nix-command flakes impure-derivations ca-derivations
@ -99,6 +103,10 @@
"wheel" "wheel"
]; ];
packages = with pkgs; [ ]; packages = with pkgs; [ ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINGHadFhDCUU/ta3p1FQgpm7NExHkyHNrJbNJP6np5w9 kempinger@ins.jku.at"
];
}; };
# Allow unfree packages # Allow unfree packages
@ -135,6 +143,14 @@
enable = true; enable = true;
xwayland.enable = true; xwayland.enable = true;
}; };
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "prohibit-password"; # Allow root with SSH keys only
};
};
programs.firefox.enable = true; programs.firefox.enable = true;
programs.fish.enable = true; programs.fish.enable = true;