ssh: force login methods

2023-05-01 03:33:33 -04:00 · 2023-05-01 03:33:33 -04:00 · 2d22e26ee2
commit 2d22e26ee2
parent 6375b59ce8
1 changed files with 3 additions and 3 deletions
--- a/modules/openssh.nix
+++ b/modules/openssh.nix
@ -1,11 +1,11 @@
-{...}: {
+{lib, ...}: {
  services.openssh = {
    enable = true;
    settings = {
      KbdInteractiveAuthentication = false;
-      PasswordAuthentication = false;
+      PasswordAuthentication = lib.mkForce false;
      PubkeyAuthentication = true;
-      PermitRootLogin = "no";
+      PermitRootLogin = lib.mkForce "no";
      StreamLocalBindUnlink = "yes";
      GatewayPorts = "clientspecified";
    };