qbit/xin
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

all: split out more ssh options as they have been migrated

Browse Source
This commit is contained in:
Aaron Bieber 2023-02-07 05:05:20 -07:00
parent e756e50189
commit 681d438de3
No known key found for this signature in database
1 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
default.nix
View File

@ -11,10 +11,22 @@ let
settings = { settings = {
PermitRootLogin = "prohibit-password"; PermitRootLogin = "prohibit-password";
PasswordAuthentication = false; PasswordAuthentication = false;
KexAlgorithms = [ "curve25519-sha256" "curve25519-sha256@libssh.org" ];
Macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
];
}; };
} else { } else {
permitRootLogin = "prohibit-password"; permitRootLogin = "prohibit-password";
passwordAuthentication = false; passwordAuthentication = false;
kexAlgorithms = [ "curve25519-sha256" "curve25519-sha256@libssh.org" ];
macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
];
}; };
in { in {
imports = [ imports = [
@ -191,16 +203,6 @@ in {
}; };
}; };
services = { services = { openssh = { enable = true; } // inFluxSSHOptions; };
openssh = {
enable = true;
kexAlgorithms = [ "curve25519-sha256" "curve25519-sha256@libssh.org" ];
macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
];
} // inFluxSSHOptions;
};
}; };
} }