diff --git a/config/profiles/base/ssh.nix b/config/profiles/base/ssh.nix
index 0783e577..d1ff411e 100644
--- a/config/profiles/base/ssh.nix
+++ b/config/profiles/base/ssh.nix
@@ -20,6 +20,12 @@ with lib;
     };
   };
 
+/*
+  security.pam.services.sshd.text = mkDefault (mkAfter ''
+    session required pam_exec.so ${katnotify}/bin/notify
+  '');
+*/
+
   services.openssh = {
     enable = true;
     ports = lib.mkDefault [ 62954 ];
@@ -28,6 +34,7 @@ with lib;
     permitRootLogin = lib.mkDefault "prohibit-password";
     kexAlgorithms = [ "curve25519-sha256@libssh.org" ];
     extraConfig = ''
+      PubkeyAcceptedAlgorithms +ssh-rsa
       StreamLocalBindUnlink yes
       LogLevel VERBOSE
     '';