diff options
| author | Ethel Morgan <eth@ethulhu.co.uk> | 2020-07-01 14:49:54 +0100 |
|---|---|---|
| committer | Ethel Morgan <eth@ethulhu.co.uk> | 2020-07-01 14:49:54 +0100 |
| commit | 9dd6c61f91a58b125fb9cb1806211cff19157dca (patch) | |
| tree | 7883e074279c5da5b3bf49f2e8b404d103666bcc /nixos | |
| parent | ada2aad995e0f9aa04088b4ef212690b0e9ab29e (diff) | |
make eth.services.ssh.sshAgentAuth configurable
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/ssh.nix | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/nixos/modules/services/ssh.nix b/nixos/modules/services/ssh.nix index d965472..f32599a 100644 --- a/nixos/modules/services/ssh.nix +++ b/nixos/modules/services/ssh.nix @@ -13,12 +13,18 @@ in { default = false; description = "Whether to allow password authentication. Occasionally useful, used sparingly."; }; + + sshAgentAuth = mkOption { + type = types.bool; + default = false; + description = "Whether to enable sudo authentication using ssh-agent."; + }; }; config = mkIf cfg.enable { - security.pam.enableSSHAgentAuth = true; - security.pam.services.sudo.sshAgentAuth = true; + security.pam.enableSSHAgentAuth = cfg.sshAgentAuth; + security.pam.services.sudo.sshAgentAuth = cfg.sshAgentAuth; services.openssh = { enable = true; |