From b08e13c2a0b1e561642dd8da69283c9318e80af4 Mon Sep 17 00:00:00 2001
From: Fiscal Velvet Poet <fiscalvelvetpoet@jfdic.org>
Date: Fri, 2 Jun 2023 10:00:45 +1000
Subject: [PATCH] openssh: upgrade to v9.3p1

progresses #20
---
 profiles/openssh.nix | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/profiles/openssh.nix b/profiles/openssh.nix
index d437cb2..0c3d7bd 100644
--- a/profiles/openssh.nix
+++ b/profiles/openssh.nix
@@ -7,9 +7,6 @@
 }: {
   services.openssh = {
     enable = true; # Enable the OpenSSH daemon.
-    permitRootLogin = "prohibit-password";
-    kbdInteractiveAuthentication = false;
-    passwordAuthentication = false;
     openFirewall = true;
     hostKeys = [
       {
@@ -17,5 +14,10 @@
         type = "ed25519";
       }
     ];
+    settings = {
+      KbdInteractiveAuthentication = false;
+      PasswordAuthentication = false;
+      PermitRootLogin = "prohibit-password";
+    };
   };
 }