diff --git a/hosts/curve/default.nix b/hosts/curve/default.nix
index 26808fd..39534ad 100644
--- a/hosts/curve/default.nix
+++ b/hosts/curve/default.nix
@@ -1,5 +1,4 @@
-{ self, pkgs, ... }:
-{
+{ self, pkgs, ... }: {
   imports = [
     ./configuration.nix
     ../users/anish
@@ -17,19 +16,26 @@
     # ../profiles/mount-mossnet
   ];
 
+  # temporarily allow ssh access for work, to be able to do deploy new services
+  services.openssh = {
+    enable = true;
+    settings.PasswordAuthentication = false;
+    settings.PermitRootLogin = "no";
+  };
+
   # import profiling tools
   programs.systemtap.enable = true;
 
   virtualisation.docker.enable = true;
   virtualisation.docker.storageDriver = "btrfs";
-  environment.systemPackages = with pkgs; [
-    docker-compose  
-  ];
+  environment.systemPackages = with pkgs; [ docker-compose ];
 
   # Speed up boot by removing dependency on network 
   systemd = {
-    targets.network-online.wantedBy = pkgs.lib.mkForce [ ]; # Normally ["multi-user.target"]
-    services.NetworkManager-wait-online.wantedBy = pkgs.lib.mkForce [ ]; # Normally ["network-online.target"]
+    targets.network-online.wantedBy =
+      pkgs.lib.mkForce [ ]; # Normally ["multi-user.target"]
+    services.NetworkManager-wait-online.wantedBy =
+      pkgs.lib.mkForce [ ]; # Normally ["network-online.target"]
   };
 
   programs.gnupg.agent.enable = true;
@@ -64,8 +70,15 @@
 
   # lazy enable of ports necessary for KDE connect which is installed via cli home profile (for some reason?)
   networking.firewall = {
-    allowedTCPPortRanges = [{ from = 1714; to = 1764; }];
-    allowedUDPPortRanges = [{ from = 1714; to = 1764; }];
+    allowedTCPPorts = [ 22 ]; # allow ssh
+    allowedTCPPortRanges = [{
+      from = 1714;
+      to = 1764;
+    }];
+    allowedUDPPortRanges = [{
+      from = 1714;
+      to = 1764;
+    }];
   };
 
   age.secrets.curve-wg.file = "${self}/secrets/curve-wg.age";
@@ -81,10 +94,7 @@
   mossnet.backup = {
     enable = true;
     name = "curve";
-    paths = [
-      "/home/anish/usr"
-      "/home/anish/.ssh"
-    ];
+    paths = [ "/home/anish/usr" "/home/anish/.ssh" ];
   };
 
   # enable adb 
@@ -93,7 +103,8 @@
   #virtualisation.docker.enable = true;
   boot.blacklistedKernelModules = [ "qcserial" ];
   # Used for packer Capsul
-  users.users.anish.extraGroups = [ "adbusers" "wheel" "plugdev" "libvertd" "docker" ];
+  users.users.anish.extraGroups =
+    [ "adbusers" "wheel" "plugdev" "libvertd" "docker" ];
   virtualisation.libvirtd.enable = true;
   hardware.keyboard.zsa.enable = true;
   services.udev.extraRules = ''
diff --git a/hosts/users/anish/default.nix b/hosts/users/anish/default.nix
index 51309b3..2dbc901 100644
--- a/hosts/users/anish/default.nix
+++ b/hosts/users/anish/default.nix
@@ -4,17 +4,20 @@
   programs.zsh.enable = true;
   users.users.anish = {
     description = "Personal user for Anish";
-    hashedPassword = "$y$j9T$y3DPt/dWaPE.gRazQqw1w0$1RMH5sl/Nu8kW3ZMywYCPRniHD/jF5qRh0VKrdJ.bV2";
+    hashedPassword =
+      "$y$j9T$y3DPt/dWaPE.gRazQqw1w0$1RMH5sl/Nu8kW3ZMywYCPRniHD/jF5qRh0VKrdJ.bV2";
     shell = pkgs.zsh;
     isNormalUser = true;
     extraGroups = [ "wheel" "audio" "networkmanager" "video" ];
     openssh.authorizedKeys.keys = [
       # Curve
       "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDM0Zvei46x/yZl/IeBCq6+IYQQ0avulzVyBysF9cPigZMCybWRV7IEU+E3k9t6JrbdbdGfJkcZIWmsWDdKS8W8mBnZpVoT0ffLynu8JQ/TKdGm4Qv6bgUeKNrGsNv0ZPs2CDaGSLj0oJfRF7Ko10tcLP0vW+yujrh+y6TH/vVzJioaV4TGvtCUpn+wEQah9ROwPQLUUofsSWdnRsDJ/gp37zXWs4l5wyjSKtP3O9RZUP7kBekbSqEgSXiTk0oUQSVqIWl9NDiP6onk/gSOjXsR/JPqsSN/XI/c/yj6gyY0f51Ru2D7iBxuMJIJcWV+rU6coIj+ULcQWLzt/7TI8jq5AOOzI/ll4zbL24Eo84Rz+TP9tvMMhDZ0VaMN22AJ8qQEjc5P09tWKsX7Jg39XelyV1jHXncE4yvIE9F4RSCHzWCeKeXakizQNuzSaxTxIExRFYHjNW5bR6+3MTGwVrEIXU+qML+0yFTR86MT+tdY5AreAJQLwbog79O1NupeXJE= anish@curve"
-      # Line
-      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDtU2GMYjXj6RGO1+mwM4TDGOo0qrKLTL4Di8+QgDX0p5vUEsnE1PS9wnuqCmSu75U8g0XIAMtvtdYyGk1N+Bx01erAZpT8DLYtIXFCyaiN28PVu5T1D0T+TQ7xgIH1qenXZR2DOQdf6kpvKEfm7+7bWhCo0N/KFMpmReubyzHDQcq/1qQasxTL+YALQFOjwKqsOTBXbHwZ103AEAcQX4ftBFEOfVli4/1aKIK4dNSZYB7J9Htq707YnsEqo9RLAMh0aOTTYgTx9AoSUDeqGuh/AGkcB7NcS7EEtI6d5YUGylwZh/gF6hqE0jl8kn2m5jMKXL3CRohZvjifue8x/GIjpu5WRabUuhBEbrfTQQaC7taHnt5rvYCGzKZx09TexUzhuz2CL480DRoxSG+P+lCNm1dIg/EZrnGEzXCSr36PlOqS5t5gm8tPkzCmZf2wU15A3ZIYUPmnYLqsn4WmIV7rKmdqt2ctWELUXow3PPiZXBucP9P3xpsYEfF1SB2SGNc= u0_a139@localhost"
       # Box
       "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKN8/SH55DBiwVoSnTU8k2Pen+wmovL9QaMyehxGEsJJv/8fzwsswGalD4C/4O51LOvdu4UKkZW5hG02uVSK+58p3UV3pOPyoqsu/aDeIsWsqmTeTzUrBIWOlNzcDKnohLz2oGC5YO+wyTJ9Iteq6aGJDjErsW7sG3h5lXCs551EmJNNGhtBQaaoytMNnWqSdlVjDNCijurH7WUpp40U/RjEp532l4rX6eIIj3jBKEFbhZkFSSjqbj4xM4SyFt+Jmigb1RMjsQjmpfY1vDtM84RcYfpTUte/T5w2dkD5H6kccmWnwKSJpm9wXfx4E7lR9APdUGnau2U1+XxiD3ytGl anish@box"
+      # Nix-on-droid line
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJOiXBPVvZAp1fY0a0Tupxj0Ml6MoA51lvqt/jAQq249 nix-on-droid@localhost"
+      # Work
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/vvh0i6+uAN0GWlK6ZfyTlc/AW54xe2CroUDsDSoGnFKeIUiSsWexobODlVakNhqwCKfsvUh6g+RdA8ZVcamATcYqxysP4X5fRksmAzRm5281O7ZBDHMB2BdcfHSTgiz7JvMRIQYWDlU8Ck6IL4wlN0b2GMUj9t/GeG37us8280rxpRNoIY7M27AJEZ7XNQhctBIVujxctVBgIMYmZiTwziU7ywJv4rNT5OAWvjRXSo1rkxdvx3VESv4y/mp8m7dEupZpIjIFsLs52+UG5LtadulUqtTWg05sCw8LEcmRhflgZSAvjw60RrKFCuWxc8+/Pmaw+zExeBMenqi0NzuTc3S3k2wCKVIZDh/0tlXzIwZ6WRqxDevUtEKfvbEFMXd8akhTfYs0dyszcFRevBxOBPbcKku+FK/HkdPLmEANvxYty3cv+Eipkz3c8JPJPvXNTXrjepXMm0LUKodO3c15hGogCOxUO38kykkyYnn+MxxHparoMfEr2+oHNpQoS5wA1G43ppqjVoRDgnhleu6ixwRkLZzphY3cnOd5jL9Ie5xIGbFWH1qSlQRdHBkHjuf85z7+QK8nFYAhmG1K3Vt3GNtF8LN1tYQkfwBJ/vsroMNzGPoq4PjVbqb80Eq+96cP89XKfU2/xw1g+p2lJDm/zC1WCjXVzf8NRwC7gqPavQ== anishlakhwara@anishs-mbp.lan"
     ];
   };
 }