forked from pub-solar/os
Merge pull request 'Fix base user ssh public keys' (#141) from fix/base-user-ssh-public-keys into main
Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/141 Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
This commit is contained in:
commit
bcf6ca5fe4
|
@ -7,6 +7,7 @@
|
|||
# If you don't want the host to have SSH actually opened up to the net,
|
||||
# set `services.openssh.openFirewall` to false in your config.
|
||||
openFirewall = lib.mkDefault true;
|
||||
passwordAuthentication = false;
|
||||
};
|
||||
|
||||
# Service that makes Out of Memory Killer more effective
|
||||
|
|
|
@ -39,7 +39,6 @@ in
|
|||
# fileSystems."/".options = [ "noexec" ];
|
||||
|
||||
services.openssh = {
|
||||
passwordAuthentication = false;
|
||||
kbdInteractiveAuthentication = false;
|
||||
extraConfig = ''
|
||||
AllowTcpForwarding yes
|
||||
|
|
|
@ -23,7 +23,7 @@ in
|
|||
};
|
||||
publicKeys = mkOption {
|
||||
description = "User SSH public keys";
|
||||
type = types.listOf types.path;
|
||||
type = types.listOf types.str;
|
||||
default = [ ];
|
||||
};
|
||||
fullName = mkOption {
|
||||
|
|
|
@ -25,7 +25,7 @@ in
|
|||
];
|
||||
initialHashedPassword = if psCfg.user.password != null then psCfg.user.password else "";
|
||||
shell = pkgs.zsh;
|
||||
openssh.authorizedKeys.keyFiles = if psCfg.user.publicKeys != null then psCfg.user.publicKeys else [ ];
|
||||
openssh.authorizedKeys.keys = if psCfg.user.publicKeys != null then psCfg.user.publicKeys else [ ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue