From 2d22e26ee2c54ca41aaa178bfbe66c0fe7ff2a65 Mon Sep 17 00:00:00 2001
From: notohh <github@notohh.dev>
Date: Mon, 1 May 2023 03:33:33 -0400
Subject: [PATCH] ssh: force login methods

---
 modules/openssh.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules/openssh.nix b/modules/openssh.nix
index 04caab9..0ef700e 100644
--- a/modules/openssh.nix
+++ b/modules/openssh.nix
@@ -1,11 +1,11 @@
-{...}: {
+{lib, ...}: {
   services.openssh = {
     enable = true;
     settings = {
       KbdInteractiveAuthentication = false;
-      PasswordAuthentication = false;
+      PasswordAuthentication = lib.mkForce false;
       PubkeyAuthentication = true;
-      PermitRootLogin = "no";
+      PermitRootLogin = lib.mkForce "no";
       StreamLocalBindUnlink = "yes";
       GatewayPorts = "clientspecified";
     };