2023-02-14

author: Azat Bahawi <azat@bahawi.net> 2023-02-14 23:04:05 +0300
committer: Azat Bahawi <azat@bahawi.net> 2023-02-14 23:04:05 +0300
commit: 7ed022bc9a3c89834016c866e387b60ba4523eb6 (patch)
tree: a0984c8df3016e84910818a60d7f3aeb42b7a718 /modules/nixos/openssh.nix
parent: 2023-02-03 (diff)
1 files changed, 10 insertions, 11 deletions
diff --git a/modules/nixos/openssh.nix b/modules/nixos/openssh.nix
index 9a131d7..c7a144e 100644
--- a/modules/nixos/openssh.nix
+++ b/modules/nixos/openssh.nix
@@ -18,16 +18,16 @@ in {
   };
 
   config = mkIf cfg.server.enable {
-    # TODO Enable on a fresh system.
-    # ark = {
-    #   files = [
-    #     "/etc/ssh/ssh_host_ed25519_key"
-    #     "/etc/ssh/ssh_host_ed25519_key.pub"
-    #     "/etc/ssh/ssh_host_rsa_key"
-    #     "/etc/ssh/ssh_host_rsa_key.pub"
-    #   ];
-    #   directories = ["/etc/ssh/authorized_keys.d"];
-    # };
+    # FIXME This is mounted after the activation script is launched.
+    ark = {
+      files = [
+        "/etc/ssh/ssh_host_ed25519_key"
+        "/etc/ssh/ssh_host_ed25519_key.pub"
+        "/etc/ssh/ssh_host_rsa_key"
+        "/etc/ssh/ssh_host_rsa_key.pub"
+      ];
+      # directories = ["/etc/ssh/authorized_keys.d"];
+    };
 
     programs.mosh.enable = true;
 
@@ -36,7 +36,6 @@ in {
         enable = true;
         ports = [cfg.server.port];
         settings = {
-          AllowUsers = my.username;
           ClientAliveCountMax = 3;
           ClientAliveInterval = 60;
           KbdInteractiveAuthentication = false;
author	Azat Bahawi <azat@bahawi.net>	2023-02-14 23:04:05 +0300
committer	Azat Bahawi <azat@bahawi.net>	2023-02-14 23:04:05 +0300
commit	7ed022bc9a3c89834016c866e387b60ba4523eb6 (patch)
tree	a0984c8df3016e84910818a60d7f3aeb42b7a718 /modules/nixos/openssh.nix
parent	2023-02-03 (diff)