pub-solar/os
5
0
Fork 2
Code Issues 4 Pull requests Packages Projects 1 Releases Wiki Activity

Open SSH on the network by default, but don't allow password authentication

Browse source
This commit is contained in:
Benjamin Bädorf 2022-08-13 20:17:00 +02:00
parent ded0dd7d15
commit 669ab6b6ba
No known key found for this signature in database
GPG key ID: 4406E80E13CD656C
2 changed files with 10 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
profiles/core/default.nix
View file

@ -117,7 +117,8 @@ in
# For rage encryption, all hosts need a ssh key pair # For rage encryption, all hosts need a ssh key pair
services.openssh = { services.openssh = {
enable = true; enable = true;
openFirewall = lib.mkDefault false; openFirewall = lib.mkDefault true;
passwordAuthentication = false;
}; };
# Service that makes Out of Memory Killer more effective # Service that makes Out of Memory Killer more effective

8
profiles/iot/default.nix Normal file
View file

@ -0,0 +1,8 @@
{ self, config, lib, pkgs, ... }:
let inherit (lib) fileContents;
in
{
pub-solar.graphical.enable = false;
pub-solar.x-os.localProxyService.enable = false;
pub-solar.sway.enable = false;
}