{ pkgs, lib, config, hosts, ... }:
{
+ services.openssh = {
+ openFirewall = true;
+ settings.X11Forwarding = true;
+ };
+ systemd.services.sshd.serviceConfig.LoadCredentialEncrypted = [
+ "host.key:${ssh/host.key.cred}"
+ ];
+ programs.ssh = {
+ extraConfig = ''
+ '';
+ };
+
+ boot.initrd.network.ssh = {
+ enable = true;
+ port = 2222;
+ authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
+ hostKeys = [ "/root/initrd/ssh.key" ];
+ extraConfig = ''
+ '';
+ };
+
systemd.services.ssh-mermet-reverse = {
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
RestartSec = "5s";
};
};
- boot.initrd.network.ssh = {
- enable = true;
- port = 2222;
- authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
- hostKeys = [ "/root/initrd/ssh.key" ];
- extraConfig = ''
- '';
- };
- services.openssh = {
- openFirewall = true;
- forwardX11 = true;
- };
- programs.ssh = {
- extraConfig = ''
- Compression = yes
- '';
- };
services.upnpc.enable = true;
services.upnpc.redirections =
[