Merge pull request 'Fix base user ssh public keys' (#141) from fix/base-user-ssh-public-keys into main

Reviewed-on: https://git.b12f.io/pub-solar/os/pulls/141
Reviewed-by: Benjamin Bädorf <hello@benjaminbaedorf.eu>

modules/core/services.nix

@@ -7,6 +7,7 @@
     # If you don't want the host to have SSH actually opened up to the net,
     # set `services.openssh.openFirewall` to false in your config.
     openFirewall = lib.mkDefault true;
+    passwordAuthentication = false;
   };
 
   # Service that makes Out of Memory Killer more effective

modules/paranoia/default.nix

@@ -39,7 +39,6 @@ in
     # fileSystems."/".options = [ "noexec" ];
 
     services.openssh = {
-      passwordAuthentication = false;
       kbdInteractiveAuthentication = false;
       extraConfig = ''
         AllowTcpForwarding yes

modules/user/default.nix

@@ -23,7 +23,7 @@ in
       };
       publicKeys = mkOption {
         description = "User SSH public keys";
-        type = types.listOf types.path;
+        type = types.listOf types.str;
         default = [ ];
       };
       fullName = mkOption {

profiles/base-user/default.nix

@@ -25,7 +25,7 @@ in
       ];
       initialHashedPassword = if psCfg.user.password != null then psCfg.user.password else "";
       shell = pkgs.zsh;
-      openssh.authorizedKeys.keyFiles = if psCfg.user.publicKeys != null then psCfg.user.publicKeys else [ ];
+      openssh.authorizedKeys.keys = if psCfg.user.publicKeys != null then psCfg.user.publicKeys else [ ];
     };
   };
 }