diff --git a/base/programs.nix b/base/programs.nix
index 91d4ebf..194a371 100644
--- a/base/programs.nix
+++ b/base/programs.nix
@@ -8,6 +8,14 @@
     bandwhich.enable = true;
   };
 
+  services.openssh = {
+    passwordAuthentication = false;
+    permitRootLogin = "no";
+    extraConfig = ''
+      StreamLocalBindUnlink yes
+    '';
+  };
+
   environment.systemPackages = builtins.attrValues {
     inherit
       (pkgs)
diff --git a/hosts/boreal/default.nix b/hosts/boreal/default.nix
index 6661e08..7241b8a 100644
--- a/hosts/boreal/default.nix
+++ b/hosts/boreal/default.nix
@@ -79,11 +79,7 @@
   };
 
   services = {
-    openssh = {
-      enable = true;
-      permitRootLogin = "no";
-      passwordAuthentication = false;
-    };
+    openssh.enable = true;
   };
   my.gui = {
     enable = true;
diff --git a/hosts/hades/default.nix b/hosts/hades/default.nix
index d573e98..cb6b639 100644
--- a/hosts/hades/default.nix
+++ b/hosts/hades/default.nix
@@ -126,8 +126,6 @@ in {
 
   # Enable the OpenSSH daemon.
   services.openssh.enable = true;
-  services.openssh.permitRootLogin = "no";
-  services.openssh.passwordAuthentication = false;
 
   virtualisation.docker.enable = true;
 
diff --git a/hosts/poseidon/default.nix b/hosts/poseidon/default.nix
index 037db1e..30fc071 100644
--- a/hosts/poseidon/default.nix
+++ b/hosts/poseidon/default.nix
@@ -89,8 +89,6 @@ in {
 
   # Enable the OpenSSH daemon.
   services.openssh.enable = true;
-  services.openssh.permitRootLogin = "no";
-  services.openssh.passwordAuthentication = false;
 
   # Takes a long while to build
   documentation.nixos.enable = false;
diff --git a/hosts/zephyrus/default.nix b/hosts/zephyrus/default.nix
index b6f4440..dbfd570 100644
--- a/hosts/zephyrus/default.nix
+++ b/hosts/zephyrus/default.nix
@@ -85,11 +85,7 @@
       };
     };
     fwupd.enable = true;
-    openssh = {
-      enable = true;
-      permitRootLogin = "no";
-      passwordAuthentication = false;
-    };
+    openssh.enable = true;
   };
   my.gui.enable = true;