more tides configuration

flake.nix

@@ -31,6 +31,7 @@
         ./nixos/machines/wsl/configuration.nix
         ./nixos/machines/installer/configuration.nix
         ./nixos/machines/crash/machine.nix
+        ./nixos/machines/tides/machine.nix
         ./home-manager/machines/wsl/home.nix
         ./home-manager/machines/crash/home.nix
         ./devshells/rust.nix

nixos/machines/tides/configuration.nix

@@ -26,20 +26,5 @@
   time.timeZone = "America/Louisville";
   i18n.defaultLocale = "en_US.UTF-8";
 
-  # Enable passwordless sudo.
-  security.sudo.extraRules = [
-    {
-      users = ["nathan"];
-      commands = [
-        {
-          command = "ALL";
-          options = ["NOPASSWD"];
-        }
-      ];
-    }
-  ];
-
-  services.openssh.enable = true;
-
   system.stateVersion = "24.11"; # Did you read the comment?
 }

nixos/machines/tides/machine.nix

@@ -37,6 +37,7 @@
                   inherit inputs;
                   mutableUsers = false;
                 })
+                (import ../../modules/ssh.nix)
               ];
 
               nix.settings.experimental-features = [

nixos/modules/ssh.nix

@@ -0,0 +1,17 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  services.openssh = {
+    enable = true;
+    settings = {
+      ciphers = ["chacha20-poly1305@openssh.com"];
+      PermitRootLogin = "no";
+      PasswordAuthentication = false;
+    };
+  };
+
+  programs.mosh.enable = true;
+}