Pull out sshd configuration

This commit is contained in:
Benson Chu 2023-12-30 09:59:14 -06:00
parent 579777921b
commit 6ade9debe1
2 changed files with 25 additions and 19 deletions

24
common/sshd-home.nix Normal file
View file

@ -0,0 +1,24 @@
{ config, pkgs, ... }:
{
services.openssh = {
enable = true;
ports = [ 2222 ];
settings = {
X11Forwarding = true;
PasswordAuthentication = false;
PermitRootLogin = "no";
};
extraConfig = ''
ChallengeResponseAuthentication no
Match Address 192.168.1.0/24,!192.168.1.254
X11UseLocalhost yes
X11Forwarding yes
PasswordAuthentication yes
ChallengeResponseAuthentication yes
'';
};
}

View file

@ -12,6 +12,7 @@ in
[
../../common/configuration.nix
../../common/lxd-setup.nix
../../common/sshd-home.nix
# Include the results of the hardware scan.
./hardware-configuration.nix
];
@ -63,26 +64,7 @@ in
};
# Enable the OpenSSH daemon.
openssh = {
enable = true;
ports = [ 2222 ];
settings = {
X11Forwarding = true;
PasswordAuthentication = false;
PermitRootLogin = "no";
};
extraConfig = ''
ChallengeResponseAuthentication no
Match Address 192.168.0.0/16,!192.168.1.254
X11UseLocalhost yes
X11Forwarding yes
PasswordAuthentication yes
ChallengeResponseAuthentication yes
'';
};
xserver = {
# Enable the X11 windowing system.