added an ssh key for neo

2025-11-03 17:32:44 +00:00 · 2025-10-26 15:14:09 +01:00
parent 665bd1d1f4
commit 3cd6c1c941
5 changed files with 28 additions and 17 deletions
--- a/nix/modules/security.nix
+++ b/nix/modules/security.nix
@@ -0,0 +1,17 @@
+{ config, pkgs, inputs, ... }:
+
+{
+  # providing an ssh configuration
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = "no";                    # Disable root login
+      PasswordAuthentication = false;            # Force SSH key auth only
+      PubkeyAuthentication = true;               # Enable SSH keys
+    };
+    ports = [ 22 ];
+  };
+
+  # other security hardening options can go here
+  security.sudo.wheelNeedsPassword = false;
+}