diff --git a/shared/openssh.nix b/shared/openssh.nix
new file mode 100644
index 0000000..3cbe44d
--- /dev/null
+++ b/shared/openssh.nix
@@ -0,0 +1,16 @@
+{ config, pkgs, ...}:
+{
+  # Enable the OpenSSH daemon.
+  services.openssh = {
+	enable = true;
+	settings = {
+		AuthenticationMethods = "publickey password";
+		TrustedUserCAKeys = "/etc/ssh/ssh_ca.pub";
+		Banner = "none";
+		PasswordAuthentication = true;
+		# PasswordAuthentication = false;
+		PubKeyAuthentication = true;
+		Port = 22;
+	};
+  };
+}