diff --git a/modules/services/networking/ssh/sshd.nix b/modules/services/networking/ssh/sshd.nix index f99e871c448c..61f169df97d7 100644 --- a/modules/services/networking/ssh/sshd.nix +++ b/modules/services/networking/ssh/sshd.nix @@ -1,8 +1,9 @@ -{pkgs, config, ...}: +{ config, pkgs, ... }: + +with pkgs.lib; let - inherit (pkgs.lib) mkOption mkIf; inherit (pkgs) openssh; cfg = config.services.sshd; @@ -15,7 +16,7 @@ let UsePAM yes - ${ pkgs.lib.concatMapStrings (port : ''Port ${toString port} + ${ concatMapStrings (port : ''Port ${toString port} '') cfg.ports} ${if cfg.forwardX11 then " @@ -112,13 +113,18 @@ in config = mkIf config.services.sshd.enable { - users.extraUsers = pkgs.lib.singleton + users.extraUsers = singleton { name = "sshd"; uid = config.ids.uids.sshd; description = "SSH privilege separation user"; home = "/var/empty"; }; + environment.etc = singleton + { source = "${openssh}/etc/ssh/moduli"; + target = "ssh/moduli"; + }; + jobs.sshd = { description = "OpenSSH server"; @@ -141,7 +147,7 @@ in exec = "${openssh}/sbin/sshd -h /etc/ssh/ssh_host_dsa_key -f ${sshdConfig}"; }; - networking.firewall.allowedTCPPorts = cfg.ports ; + networking.firewall.allowedTCPPorts = cfg.ports; };
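Review bot: The `with pkgs.lib;` added at the top of the first hunk (@@ -1,8 +1,9 @@) puts every attribute of `pkgs.lib` in scope for the whole file, so a misspelled or missing name is no longer rejected when the file is parsed and only fails when the expression that uses it is evaluated. In a module that assembles sshd_config from conditional fragments, that can leave an error hidden in a branch that is rarely enabled. Extending the explicit form instead, `inherit (pkgs.lib) mkOption mkIf singleton concatMapStrings;`, keeps the shorter call sites in the later hunks while leaving the imported names visible. The `let` block continues past the end of the hunk.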
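Review bot: The `environment.etc` entry added in the third hunk (@@ -112,13 +113,18 @@) fixes `source` to the stock `${openssh}/etc/ssh/moduli`, with no comment on why the file is installed and no way for an administrator to substitute another one. sshd uses the moduli file for Diffie-Hellman group exchange and falls back to a fixed modulus when it cannot open it, so a comment such as `# sshd reads /etc/ssh/moduli for DH group exchange; without it a fixed group is used` would record the intent. Since the packaged file is the same on every installation, sites that filter out the smaller groups or generate their own need an override; a new option defaulting to the package file (name to be chosen, e.g. `services.sshd.moduliFile`) with `source = cfg.moduliFile;` would provide that. The option would be declared in the options block, which is outside this hunk, and the `config = mkIf` block itself starts before and ends after the hunk.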