diff --git a/nix/nixos-modules/vps-remote-access.nix b/nix/nixos-modules/vps-remote-access.nix
new file mode 100644
index 0000000..4f231c1
--- /dev/null
+++ b/nix/nixos-modules/vps-remote-access.nix
@@ -0,0 +1,25 @@
+{ config, pkgs, lib, ... }:
+with lib;
+let
+ cfg = config.magic_rb.vpsRemoteAccess;
+in
+{
+ options.magic_rb = {
+ vpsRemoteAccess = {
+ enable = mkEnableOption "Enable VPS remote access module.";
+ trustedWheel = mkEnableOption "Add the wheel group to Nix trusted-users.";
+ };
+ };
+
+ config = mkIf cfg.enable
+ {
+ nix.trustedUsers = mkIf cfg.trustedWheel
+ [ "@wheel" ];
+
+ services.openssh = {
+ enable = true;
+ passwordAuthentication = false;
+ permitRootLogin = "no";
+ };
+ };
+}
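Review bot: The `trustedWheel` option grants more than its description says: members of Nix `trusted-users` can have the daemon use arbitrary substituters and import unsigned store paths, which the Nix manual describes as essentially root-equivalent, so on an SSH-reachable host every wheel account gets a path to root that does not go through sudo. I would state that in the option text and switch to `mkOption`, since `mkEnableOption` prefixes the string with "Whether to enable", e.g. `trustedWheel = mkOption { type = types.bool; default = false; description = "Add @wheel to Nix trusted-users (effectively root for every wheel member)."; };`. Separately, the `services.openssh` block turns off `passwordAuthentication` but leaves keyboard-interactive authentication at its default, which can still accept passwords through PAM; adding `kbdInteractiveAuthentication = false;` (named `challengeResponseAuthentication` on older nixpkgs releases) would make the key-only intent explicit.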