From 71ab2af0e5171322da2104f94ea7194b448c2b6e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= <tm@tlater.net>
Date: Tue, 21 Oct 2025 02:18:28 +0800
Subject: [PATCH] fix(pam): Switch to rssh for ssh-agent based PAM auth

The old module stopped working with my new yubikey, so...
---
 configuration/default.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/configuration/default.nix b/configuration/default.nix
index 924474a..f2d1615 100644
--- a/configuration/default.nix
+++ b/configuration/default.nix
@@ -117,11 +117,11 @@
     sudo.execWheelOnly = true;
 
     pam = {
-      sshAgentAuth = {
+      rssh = {
         enable = true;
-        authorizedKeysFiles = [ "/etc/ssh/authorized_keys.d/%u" ];
+        settings.auth_key_file = "/etc/ssh/authorized_keys.d/$ruser";
       };
-      services.sudo.sshAgentAuth = true;
+      services.sudo.rssh = true;
     };
   };