Color/nixos-macmini
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ssh: require public key authentication

Browse Source
This commit is contained in:
Sky
2026-02-09 08:29:55 +00:00
parent 1fbbf30012
commit b54217ef0a
3 changed files with 13 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
flake.lock generated
View File

@@ -108,10 +108,10 @@
}, },
"secrets": { "secrets": {
"locked": { "locked": {
"lastModified": 1769514557, "lastModified": 1770625307,
"narHash": "sha256-nJOWEsRw7C2hrrC9xf74oAq3dLJEXq71M2bbdO+DUpw=", "narHash": "sha256-kg3cWWbUBD0wPXR51vxpsRk0rlR4++qjsKELH32M70E=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "6aa45be13cc08dc2518b6b749df5e81975ed6df4", "rev": "b46d84d1cc5b9fa6d0ca334b9b37a30dabdefec2",
"shallow": true, "shallow": true,
"type": "git", "type": "git",
"url": "ssh://git@git.colorsky.fun/Sky/secrets" "url": "ssh://git@git.colorsky.fun/Sky/secrets"

5
host/macmini.nix
View File

@@ -1,5 +1,7 @@
{ {
pkgs, pkgs,
secrets,
lib,
... ...
}: }:
@@ -26,6 +28,9 @@
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
users.users.sky = { users.users.sky = {
openssh.authorizedKeys.keys = [
(lib.readFile secrets.files.keys.nixos-wsl-pub)
];
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ]; extraGroups = [ "wheel" ];
packages = with pkgs; [ packages = with pkgs; [

6
modules/system/networking.nix
View File

@@ -1,6 +1,10 @@
{ ... }: { ... }:
{ {
services.openssh.enable = true; services.openssh = {
enable = true;
settings.PasswordAuthentication = false;
settings.KbdInteractiveAuthentication = false;
};
networking = { networking = {
hostName = "macmini"; hostName = "macmini";