diff --git a/yodaTux/configuration.nix b/yodaTux/configuration.nix
index 04f531f..d3de269 100644
--- a/yodaTux/configuration.nix
+++ b/yodaTux/configuration.nix
@@ -151,8 +151,14 @@
 
   # List services that you want to enable:
 
-  # Enable the OpenSSH daemon.
-  # services.openssh.enable = true;
+  # Enable SSH server.
+  services.openssh = {
+    enable = true;
+    # Forbid root login through SSH.
+    settings.PermitRootLogin = "no";
+    # Use authorized keys only.
+    settings.PasswordAuthentication = false;
+  };
 
   # Open ports in the firewall.
   # networking.firewall.allowedTCPPorts = [ ... ];