enabling battlestation root to ssh into workstation

ssh configurations wip

workstation/configuration.org

@@ -35,6 +35,7 @@ let
     (builtins.fetchTarball "https://github.com/nixos/nixpkgs/tarball/master") {
     config = config.nixpkgs.config;
   };
+  sshKeyBattlestation = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKDXxfFRSgII4w/S1mrekPQdfXNifqRxwJa0wpQo72wB jawz@battlestation";
   jawzManageLibrary = pkgs.writeScriptBin
     "manage-library" (builtins.readFile ../scripts/manage-library.sh);
   jawzTasks = pkgs.writeScriptBin
@@ -187,6 +188,7 @@ nixpkgs.config = {
 Being part of the "wheel" group, means that the user has root privileges.
 
 #+begin_src nix
+users.users.root.openssh.authorizedKeys.keys = [ sshKeyBattlestation ];
 users.users.jawz = {
   isNormalUser = true;
   extraGroups = [ "wheel" "networkmanager" "docker"
@@ -196,7 +198,7 @@ users.users.jawz = {
   initialPassword = "password";
   openssh = {
     authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5GaQM4N+yGAByibOFQOBVMV/6TjOfaGIP+NunMiK76 gpodeacero\cdreyes@100CDREYES"
-                            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKDXxfFRSgII4w/S1mrekPQdfXNifqRxwJa0wpQo72wB jawz@battlestation"
+                            sshKeyBattlestation
                           ];
   };
 #+end_src
@@ -691,19 +693,20 @@ services = {
   };
   openssh = let sshPort = 25152; in {
     enable = true;
-    ports = [ sshPort ];
+    # ports = [ sshPort ];
     openFirewall = true;
     settings = {
       PasswordAuthentication = false;
       KbdInteractiveAuthentication = false;
     };
     startWhenNeeded = true;
-    listenAddresses = [
-      {
-        addr = "0.0.0.0";
-        port = sshPort;
-      }
-    ];
+    # listenAddresses = [
+    #   {
+    #     addr = "0.0.0.0";
+    #     port = 22;
+    #     # port = sshPort;
+    #   }
+    # ];
   };
 };
 #+end_src