diff --git a/machines/configuration.nix b/machines/configuration.nix
index dff5694..7945dad 100644
--- a/machines/configuration.nix
+++ b/machines/configuration.nix
@@ -58,6 +58,7 @@ in
     specialArgs.inputs = inputs;
     modules = defaultModules ++ [
       ./lucia/configuration.nix
+      ./lucia/hardware_configuration.nix
     ];
   };
 
diff --git a/machines/lucia/configuration.nix b/machines/lucia/configuration.nix
index db4c0fa..6d71156 100644
--- a/machines/lucia/configuration.nix
+++ b/machines/lucia/configuration.nix
@@ -3,14 +3,18 @@
 {
   imports =
     [ # Include the results of the hardware scan.
-      ./hardware_configuration.nix
-      ../modules/sshd.nix
       ../modules/malobeo_user.nix
     ];
 
   sops.defaultSopsFile = ./secrets.yaml;
   sops.secrets.njala_api_key = {};
 
+  services.openssh.enable = true;
+  services.openssh.ports = [ 22 ];
+  services.openssh.passwordAuthentication = false;
+  services.openssh.settings.PermitRootLogin = "prohibit-password";
+  users.users.root.openssh.authorizedKeys.keys = import ../ssh_keys.nix;
+
   # Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
   boot.loader.grub.enable = false;
   boot.loader.raspberryPi.enable = false;