diff options
| -rw-r--r-- | nixos/modules/services/ssh.nix | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/nixos/modules/services/ssh.nix b/nixos/modules/services/ssh.nix index d965472..f32599a 100644 --- a/nixos/modules/services/ssh.nix +++ b/nixos/modules/services/ssh.nix @@ -13,12 +13,18 @@ in { default = false; description = "Whether to allow password authentication. Occasionally useful, used sparingly."; }; + + sshAgentAuth = mkOption { + type = types.bool; + default = false; + description = "Whether to enable sudo authentication using ssh-agent."; + }; }; config = mkIf cfg.enable { - security.pam.enableSSHAgentAuth = true; - security.pam.services.sudo.sshAgentAuth = true; + security.pam.enableSSHAgentAuth = cfg.sshAgentAuth; + security.pam.services.sudo.sshAgentAuth = cfg.sshAgentAuth; services.openssh = { enable = true; |