diff --git a/modules/rename.nix b/modules/rename.nix index 9b71c46d10d..dbbc23dcfdf 100644 --- a/modules/rename.nix +++ b/modules/rename.nix @@ -73,7 +73,13 @@ in zipModules ([] ++ rename obsolete "boot.initrd.extraKernelModules" to "boot.initrd.kernelModules" -# X11 +# OpenSSH +++ rename obsolete "services.sshd.ports" to "services.openssh.ports" +++ rename obsolete "services.sshd.enable" to "services.openssh.enable" +++ rename obsolete "services.sshd.allowSFTP" to "services.openssh.allowSFTP" +++ rename obsolete "services.sshd.forwardX11" to "services.openssh.forwardX11" +++ rename obsolete "services.sshd.gatewayPorts" to "services.openssh.gatewayPorts" +++ rename obsolete "services.sshd.permitRootLogin" to "services.openssh.permitRootLogin" ++ rename obsolete "services.xserver.startSSHAgent" to "services.xserver.startOpenSSHAgent" # KDE diff --git a/modules/services/networking/ssh/sshd.nix b/modules/services/networking/ssh/sshd.nix index 61f169df97d..38812754a69 100644 --- a/modules/services/networking/ssh/sshd.nix +++ b/modules/services/networking/ssh/sshd.nix @@ -4,9 +4,7 @@ with pkgs.lib; let - inherit (pkgs) openssh; - - cfg = config.services.sshd; + cfg = config.services.openssh; nssModulesPath = config.system.nssModules.path; @@ -27,7 +25,7 @@ let "} ${if cfg.allowSFTP then " - Subsystem sftp ${openssh}/libexec/sftp-server + Subsystem sftp ${pkgs.openssh}/libexec/sftp-server " else " "} @@ -49,13 +47,13 @@ in options = { - services.sshd = { + services.openssh = { enable = mkOption { default = false; description = '' - Whether to enable the Secure Shell daemon, which allows secure - remote logins. + Whether to enable the OpenSSH secure shell daemon, which + allows secure remote logins. ''; }; 
@@ -111,21 +109,21 @@ in ###### implementation - config = mkIf config.services.sshd.enable { + config = mkIf config.services.openssh.enable { users.extraUsers = singleton - { name = "sshd"; + { name = "opensshd"; uid = config.ids.uids.sshd; description = "SSH privilege separation user"; home = "/var/empty"; }; environment.etc = singleton - { source = "${openssh}/etc/ssh/moduli"; + { source = "${pkgs.openssh}/etc/ssh/moduli"; target = "ssh/moduli"; }; - jobs.sshd = { + jobs.openssh = { description = "OpenSSH server"; @@ -138,17 +136,16 @@ in mkdir -m 0755 -p /etc/ssh if ! test -f /etc/ssh/ssh_host_dsa_key; then - ${openssh}/bin/ssh-keygen -t dsa -b 1024 -f /etc/ssh/ssh_host_dsa_key -N "" + ${pkgs.openssh}/bin/ssh-keygen -t dsa -b 1024 -f /etc/ssh/ssh_host_dsa_key -N "" fi ''; daemonType = "fork"; - exec = "${openssh}/sbin/sshd -h /etc/ssh/ssh_host_dsa_key -f ${sshdConfig}"; + exec = "${pkgs.openssh}/sbin/sshd -h /etc/ssh/ssh_host_dsa_key -f ${sshdConfig}"; }; networking.firewall.allowedTCPPorts = cfg.ports; - }; }
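Review bot: The account in `users.extraUsers` is renamed to `opensshd` while `uid = config.ids.uids.sshd` is kept, and nothing visible in this diff tells sshd to look for that name. OpenSSH resolves its privilege-separation account by a name fixed when the package is built (`sshd` unless `--with-privsep-user` says otherwise), so unless `pkgs.openssh` is built to match, the daemon will presumably fail to start or run without its unprivileged account. On systems that already have an `sshd` account, the new name would also claim the same uid. I would keep `{ name = "sshd";` and limit the rename to the option path and job name, or change the package's privsep user in the same commit. The `config = mkIf …` block continues outside this hunk.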
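Review bot: The start script and the `exec` line still create and serve only a 1024-bit DSA host key (`ssh-keygen -t dsa -b 1024` and `-h /etc/ssh/ssh_host_dsa_key`), which this rename carries over unchanged. 1024-bit DSA is below current strength recommendations and newer OpenSSH releases disable or drop `ssh-dss`, so clients may be unable to authenticate the host. Since these lines are being touched anyway, I would add a second guarded generation step such as `${pkgs.openssh}/bin/ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ""` and pass that key with an additional `-h /etc/ssh/ssh_host_rsa_key` on the `exec` line. The job definition starts above this hunk, so any other key handling there is not visible.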