Infinidoge/universe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

global/security: replace ssh agent auth with passwordless sudo

Browse source
This commit is contained in:
Infinidoge 2024-04-28 19:12:49 -04:00
parent 001068b1f0
commit 180bcfa3ff
Signed by: Infinidoge
SSH key fingerprint: SHA256:oAMyvotlNFraMmZmr+p6AxnNfW/GioTs1pOn3V4tQ7A
1 changed files with 1 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

6
modules/global/security.nix
View file

@ -3,6 +3,7 @@ with lib;
{ {
# Security settings based on https://github.com/hlissner/dotfiles/blob/master/modules/security.nix # Security settings based on https://github.com/hlissner/dotfiles/blob/master/modules/security.nix
security = { security = {
sudo.wheelNeedsPassword = false;
sudo.extraConfig = '' sudo.extraConfig = ''
Defaults lecture=never Defaults lecture=never
''; '';
@ -14,11 +15,6 @@ with lib;
environmentFile = config.secrets.cloudflare; environmentFile = config.secrets.cloudflare;
}; };
}; };
pam.sshAgentAuth = {
enable = true;
authorizedKeysFiles = lib.mkForce [ "/etc/ssh/authorized_keys.d/%u" ];
};
}; };
hardware = { hardware = {