Use OpenSSH config from CCCHH nix-infra repo

config/common/default.nix

@@ -1,8 +1,9 @@
-{ pkgs, lib, ... }:
+{ pkgs, ... }:
 {
   imports = [
     ./prometheus-node-exporter.nix
     ./nginx.nix
+    ./openssh.nix
     ../users/colmena-deploy
     ../users/yuri
   ];
@@ -36,16 +37,6 @@
     tcpdump
   ];
 
-  services.openssh = {
-    enable = true;
-    openFirewall = true;
-    settings = {
-      PasswordAuthentication = false;
-      KbdInteractiveAuthentication = false;
-      PermitRootLogin = lib.mkForce "no";
-    };
-  };
-
   security.acme = {
     defaults.email = "acme@grzb.de";
     acceptTerms = true;