feat(nixos): enable ssh service with security enhancements

The commit enables the SSH service on the ryu NixOS configuration with enhanced security settings including disabling password authentication and prohibiting root login. It also adds several font packages to the home configuration.

Changes:
- Enabled SSH service in ryu configuration with security settings
- Added font packages to home programs
- Moved SSH service definition to its own module file
- Removed SSH enablement from main configuration
- Updated service imports to include openssh module

Author: uttarayan21

home/programs/default.nix

@@ -90,6 +90,13 @@
       nerd-fonts.fira-code
       nerd-fonts.hasklug
       nerd-fonts.symbols-only
+      noto-fonts
+      noto-fonts-cjk-sans
+      noto-fonts-color-emoji
+      liberation_ttf
+      fira-code
+      fira-code-symbols
+      mplus-outline-fonts.githubRelease
     ]
     ++ lib.optionals device.isLinux []
     ++ lib.optionals device.isDarwin [];

nixos/ryu/configuration.nix

@@ -169,8 +169,6 @@
     };
   };
 
-  services.openssh.enable = true;
-
   networking = {
     interfaces.eno1.wakeOnLan = {
       policy = ["magic"];

nixos/ryu/services/default.nix

@@ -22,5 +22,6 @@
     ./handoff.nix
     ./gstreamer.nix
     ./dualsense.nix
+    ./openssh.nix
   ];
 }

nixos/ryu/services/openssh.nix

@@ -0,0 +1,7 @@
+{...}: {
+  services.openssh = {
+    enable = true;
+    settings.PasswordAuthentication = false;
+    settings.PermitRootLogin = "prohibit-password";
+  };
+}