diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix index fdb9dfd4b8c..ee9cb81a027 100644 --- a/nixos/modules/programs/ssh.nix +++ b/nixos/modules/programs/ssh.nix @@ -59,6 +59,13 @@ in ''; }; + package = mkOption { + default = pkgs.openssh; + description = '' + The package used for the openssh client and daemon. + ''; + }; + }; }; @@ -92,7 +99,7 @@ in wantedBy = [ "default.target" ]; serviceConfig = { ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent"; - ExecStart = "${pkgs.openssh}/bin/ssh-agent -a %t/ssh-agent"; + ExecStart = "${cfg.package}/bin/ssh-agent -a %t/ssh-agent"; StandardOutput = "null"; Type = "forking"; Restart = "on-failure"; diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index 379dec2e92c..fee1bace046 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -291,7 +291,7 @@ in }; environment.etc = authKeysFiles ++ [ - { source = "${pkgs.openssh}/etc/ssh/moduli"; + { source = "${cfgc.package}/etc/ssh/moduli"; target = "ssh/moduli"; } { source = knownHostsFile; @@ -308,7 +308,7 @@ in stopIfChanged = false; - path = [ pkgs.openssh pkgs.gawk ]; + path = [ cfgc.package pkgs.gawk ]; environment.LD_LIBRARY_PATH = nssModulesPath; @@ -325,7 +325,7 @@ in serviceConfig = { ExecStart = - "${pkgs.openssh}/sbin/sshd " + (optionalString cfg.startWhenNeeded "-i ") + + "${cfgc.package}/sbin/sshd " + (optionalString cfg.startWhenNeeded "-i ") + "-f ${pkgs.writeText "sshd_config" cfg.extraConfig}"; KillMode = "process"; } // (if cfg.startWhenNeeded then { @@ -394,7 +394,7 @@ in ''} ${optionalString cfg.allowSFTP '' - Subsystem sftp ${pkgs.openssh}/libexec/sftp-server + Subsystem sftp ${cfgc.package}/libexec/sftp-server ''} PermitRootLogin ${cfg.permitRootLogin}
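Review bot: The new `package` option in the first ssh.nix hunk declares no `type`, so any value is accepted and a mistake only surfaces later, when it is interpolated into `ExecStart` or `environment.etc`. Adding `type = types.package;` (assuming `types` is in scope, as the unqualified `mkOption` suggests) would reject a wrong value at evaluation time. The description also undersells the option: it lives under `programs.ssh`, yet the sshd.nix hunks show it selects the `sshd` and `sftp-server` binaries and the moduli file used by the daemon. I would word it along the lines of `Package providing ssh-agent, sshd, sftp-server and the moduli file; overriding it changes the code the SSH daemon runs.` The option set this is added to starts outside the hunk.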
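Review bot: `cfgc` is not defined in any visible hunk, and the four sshd.nix hunks (moduli, `path`, `ExecStart`, `Subsystem sftp`) all assume the substituted package has the stock OpenSSH layout: `etc/ssh/moduli`, `sbin/sshd` and `libexec/sftp-server`. A package lacking one of these would presumably produce a dangling `/etc/ssh/moduli` link or a unit that fails at start rather than an evaluation error, so the requirement should be written down where `cfgc` is bound. Something like `# package must provide sbin/sshd, libexec/sftp-server and etc/ssh/moduli` would do. The `environment.etc` list and the service definition both continue outside the hunks.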