From c9a5c521dbc7785aa4a6c1f410e547202075c13b Mon Sep 17 00:00:00 2001
From: andromeda <andromeda@lenovo>
Date: Tue, 6 Jan 2026 14:52:34 +0100
Subject: stash

---
 modules/nixos/networking/hard-ssh.nix | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 modules/nixos/networking/hard-ssh.nix

(limited to 'modules/nixos/networking/hard-ssh.nix')

diff --git a/modules/nixos/networking/hard-ssh.nix b/modules/nixos/networking/hard-ssh.nix
new file mode 100644
index 0000000..849af9b
--- /dev/null
+++ b/modules/nixos/networking/hard-ssh.nix
@@ -0,0 +1,19 @@
+{
+  services.openssh = {
+    enable = true;
+    allowSFTP = false;
+    ports = [5522];
+    settings = {
+      PermitRootLogin = "no";
+      PasswordAuthentication = false;
+      KbdInteractiveAuthentication = true;
+    };
+    extraConfig = ''
+      AllowTcpForwarding no
+      AllowAgentForwarding no
+      MaxAuthTries 3
+      MaxSessions 4
+      TCPKeepAlive no
+    '';
+  };
+}
-- 
cgit v1.3