Merge pull request 'Fix base user ssh public keys' (#141) from fix/base-user-ssh-public-keys into main

Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/141
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>
Benjamin Bädorf 2022-10-05 11:19:41 +00:00
commit bcf6ca5fe4
No known key found for this signature in database
GPG key ID: 5FEAFA6A0FC8075D
4 changed files with 3 additions and 3 deletions


@ -7,6 +7,7 @@
# If you don't want the host to have SSH actually opened up to the net, # If you don't want the host to have SSH actually opened up to the net,
# set `services.openssh.openFirewall` to false in your config. # set `services.openssh.openFirewall` to false in your config.
openFirewall = lib.mkDefault true; openFirewall = lib.mkDefault true;
passwordAuthentication = false;
}; };
# Service that makes Out of Memory Killer more effective # Service that makes Out of Memory Killer more effective
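Review bot: Only `passwordAuthentication = false;` moves into this block, while `kbdInteractiveAuthentication = false;` stays behind in the module the line was taken from (the second file section). If this block is the one every host imports (the file names are not visible here, so that is an assumption), a host that does not also import the other module still accepts keyboard-interactive logins, which with PAM usually ends in a password prompt. Consider adding `kbdInteractiveAuthentication = false;` directly under the new line so both settings travel together. The enclosing attribute set starts outside the hunk.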


@ -39,7 +39,6 @@ in
# fileSystems."/".options = [ "noexec" ]; # fileSystems."/".options = [ "noexec" ];
services.openssh = { services.openssh = {
passwordAuthentication = false;
kbdInteractiveAuthentication = false; kbdInteractiveAuthentication = false;
extraConfig = '' extraConfig = ''
AllowTcpForwarding yes AllowTcpForwarding yes


@ -23,7 +23,7 @@ in
}; };
publicKeys = mkOption { publicKeys = mkOption {
description = "User SSH public keys"; description = "User SSH public keys";
type = types.listOf types.path; type = types.listOf types.str;
default = [ ]; default = [ ];
}; };
fullName = mkOption { fullName = mkOption {
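Review bot: The `description` on `publicKeys` still reads "User SSH public keys" after the type changes from `types.path` to `types.str`, so nothing tells a user that entries must now be key text rather than paths to key files. I would change it to `description = "User SSH public keys, one authorized_keys line per entry (key text, not a path to a key file)";`. If the pinned nixpkgs provides it, `types.listOf types.singleLineStr` would also reject an entry containing a newline at evaluation time, before it can become an extra line in authorized_keys. The option set starts and ends outside the hunk.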


@ -25,7 +25,7 @@ in
]; ];
initialHashedPassword = if psCfg.user.password != null then psCfg.user.password else ""; initialHashedPassword = if psCfg.user.password != null then psCfg.user.password else "";
shell = pkgs.zsh; shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = if psCfg.user.publicKeys != null then psCfg.user.publicKeys else [ ]; openssh.authorizedKeys.keys = if psCfg.user.publicKeys != null then psCfg.user.publicKeys else [ ];
}; };
}; };
} }
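Review bot: The `!= null` guard on the new `openssh.authorizedKeys.keys` line looks like dead code. As declared in this commit, `publicKeys` is a `listOf` with `default = [ ]` and not a `nullOr`, so the line can be reduced to `openssh.authorizedKeys.keys = psCfg.user.publicKeys;`. Separately, with sshd password authentication now disabled in the first file section, an empty list leaves this user with no working SSH login. A `warnings` entry or an assertion on an empty `psCfg.user.publicKeys` would surface that at build time rather than at first login. The attribute set this line sits in starts outside the hunk.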