profiles/base: Fix deprecated SSH config option

This gets rid of the following warning: trace: warning: The option `services.openssh.challengeResponseAuthentication' defined in `.../modules/user/aszlig/profiles/base.nix' has been renamed to `services.openssh.kbdInteractiveAuthentication'. The option actually didn't make sense in the first place because it was an alias leftover from SSH 1. I also changed the priority for the OpenSSH options from 1000 to 500 to avoid any future conflicts should the upstream module use mkDefault one day. Signed-off-by: aszlig <aszlig@nix.build>
author: aszlig <aszlig@nix.build> 2022-05-14 12:43:20 +0200
committer: aszlig <aszlig@nix.build> 2022-05-14 12:50:35 +0200
commit: 829cf0be8c1d6747c78fb0049d8384c309251205 (patch)
tree: 2f0e31765496bf77717d02992d3532045c2a3649 /modules
parent: 03117bcd0564a7008099bef87a17eefd6dd26c8f (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/modules/user/aszlig/profiles/base.nix b/modules/user/aszlig/profiles/base.nix
index 44d3b9ae..a82af649 100644
--- a/modules/user/aszlig/profiles/base.nix
+++ b/modules/user/aszlig/profiles/base.nix
@@ -41,9 +41,9 @@ in {
       MaxRetentionSec=3month
     '';
 
-    services.openssh.passwordAuthentication = lib.mkDefault false;
-    services.openssh.permitRootLogin = lib.mkDefault "no";
-    services.openssh.challengeResponseAuthentication = lib.mkDefault false;
+    services.openssh.passwordAuthentication = lib.mkOverride 500 false;
+    services.openssh.permitRootLogin = lib.mkOverride 500 "no";
+    services.openssh.kbdInteractiveAuthentication = lib.mkOverride 500 false;
 
     environment.systemPackages = with pkgs; [
       binutils
author	aszlig <aszlig@nix.build>	2022-05-14 12:43:20 +0200
committer	aszlig <aszlig@nix.build>	2022-05-14 12:50:35 +0200
commit	829cf0be8c1d6747c78fb0049d8384c309251205 (patch)
tree	2f0e31765496bf77717d02992d3532045c2a3649 /modules
parent	03117bcd0564a7008099bef87a17eefd6dd26c8f (diff)