diff --git a/flake.nix b/flake.nix
index 3e2dc94b..95cdb77a 100644
--- a/flake.nix
+++ b/flake.nix
@@ -254,6 +254,7 @@
 													share.path = "/home/chn/share";
 												};
 											};
+											sshd.enable = true;
 										};
 									};
 									systemd.sleep.extraConfig = localLib.stripeTabs	
@@ -265,7 +266,6 @@
 
 								[ ./modules/hardware/nvidia-prime.nix { intelBusId = "PCI:0:2:0"; nvidiaBusId = "PCI:1:0:0"; } ]
 								./modules/hardware/chn-PC.nix
-								./modules/networking/ssh.nix
 								./modules/networking/wall_client.nix
 								./modules/networking/xmunet.nix
 								./modules/networking/chn-PC.nix
diff --git a/modules/networking/ssh.nix b/modules/networking/ssh.nix
deleted file mode 100644
index f19993ad..00000000
--- a/modules/networking/ssh.nix
+++ /dev/null
@@ -1 +0,0 @@
-{ config.services.openssh.enable = true; }
\ No newline at end of file
diff --git a/modules/services/default.nix b/modules/services/default.nix
index 54a190b9..70f60aab 100644
--- a/modules/services/default.nix
+++ b/modules/services/default.nix
@@ -36,6 +36,7 @@ inputs:
 				default = {};
 			};
 		};
+		sshd.enable = mkOption { type = types.bool; default = false; };
 	};
 	config =
 		let
@@ -140,7 +141,7 @@ inputs:
 						defaultSopsFile = ../../secrets/${inputs.config.networking.hostName}.yaml;
 						# sops start before impermanence, so we need to use the absolute path
 						age.sshKeyPaths = [ "${services.sops.keyPathPrefix}/etc/ssh/ssh_host_ed25519_key" ];
-						gnupg.sshKeyPaths = [ "${services.sops.keyPathPrefix}/nix/persistent/etc/ssh/ssh_host_rsa_key" ];
+						gnupg.sshKeyPaths = [ "${services.sops.keyPathPrefix}/etc/ssh/ssh_host_rsa_key" ];
 					};
 				}
 			)
@@ -187,5 +188,8 @@ inputs:
 					};
 				}
 			)
+			(
+				mkIf services.sshd.enable { services.openssh.enable = true; }
+			)
 		];
 }