Mirror/nix-git
Mirror/nix-git
1
0
Fork 0
mirror of https://codeberg.org/privacy1st/nix-git synced 2024-11-21 22:03:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

ssh config

Browse Source
This commit is contained in:
Daniel Langbein 2024-09-28 22:20:48 +02:00
parent 0f9ab5c7dc
commit 0e6504c54b
Signed by: langfingaz
GPG Key ID: 6C47C753F0823002
1 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
modules/ssh-server.nix
View File

@ -14,10 +14,23 @@
then [2226] then [2226]
else throw "Please add ssh port here" else throw "Please add ssh port here"
); );
# Use authorized keys only.
settings.PasswordAuthentication = false;
# Enabling this is required for commands such as sftp and sshfs. # Enabling this is required for commands such as sftp and sshfs.
allowSFTP = false; allowSFTP = false;
settings = {
# Use authorized keys only.
PasswordAuthentication = false;
#
# https://infosec.mozilla.org/guidelines/openssh
#
Macs = ["hmac-sha2-512-etm@openssh.com"];
Ciphers = ["chacha20-poly1305@openssh.com"];
# TODO Use 25519 instead of RSA key pairs
#KexAlgorithms = ["curve25519-sha256@libssh.org"];
};
}; };
# TODO replace authorizedKeys in all .nix files with authorizedKeyFiles # TODO replace authorizedKeys in all .nix files with authorizedKeyFiles