diff --git a/modules/nixos/core/sshd/default.nix b/modules/nixos/core/sshd/default.nix
index 420abca..7c1e33f 100644
--- a/modules/nixos/core/sshd/default.nix
+++ b/modules/nixos/core/sshd/default.nix
@@ -1,5 +1,8 @@
-{ config, lib, ... }:
 {
+  config,
+  lib,
+  ...
+}: {
   options.snowflake.core.sshd = {
     enable = lib.mkEnableOption "Enable core sshd configuration";
   };
@@ -11,6 +14,12 @@
         # Disable password auth and root login.
         PasswordAuthentication = false;
         PermitRootLogin = "no";
+        KbdInteractiveAuthentication = false;
+        PermitEmptyPasswords = false;
+        Protocol = 2;
+        MaxAuthTries = 3;
+        ChallengeResponseAuthentication = false;
+        AllowTcpForwarding = "yes";
       };
       openFirewall = true;
     };