• probablymissing@lemmy.world
    0·
    22 hours ago

    as a nixos enjoyer, i have no idea how to setup ssh keys. fail2ban and a regular password for me.

    yes, i have locked myself out of my own server for hours at a time because i’m an absolute tool.

    • smiletolerantly@awful.systems
      3·
      16 hours ago

      Ehm… I’m also on Nixos and I’d say it’s super trivial.

      services.openssh = {
  enable = true;
  settings = {
    PasswordAuthentication = false;
    PermitRootLogin = "no";
  };
};

users.users.<name>.openssh.authorizedKeys.keys = [ list of pubkeys ideally read from file in repo ];
      • Urist@lemmy.mlEnglish
        2·
        10 hours ago

        So easy it should be illegal! I mean, how can we feel superior if we are not wasting huge amounts of time setting things up!?

        • smiletolerantly@awful.systems
          2·
          10 hours ago

          I mean, how can we feel superior if we are not wasting huge amounts of time setting things up!?

          Why, by boasting that it’s so easy, just look at that, it is only two options you need to set thanks to the 80 custom modules I’ve written to abstract the abstractions from nixpkgs!

          I WISH I could put an /s here, but I cannot.