qbit/xin
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

all: split out more ssh options as they have been migrated

Browse Source
This commit is contained in:
Aaron Bieber 2023-02-07 05:05:20 -07:00
parent e756e50189
commit 681d438de3
No known key found for this signature in database
1 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
default.nix
View File

@ -11,10 +11,22 @@ let
settings = {
PermitRootLogin = "prohibit-password";
PasswordAuthentication = false;
KexAlgorithms = [ "curve25519-sha256" "curve25519-sha256@libssh.org" ];
Macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
];
};
} else {
permitRootLogin = "prohibit-password";
passwordAuthentication = false;
kexAlgorithms = [ "curve25519-sha256" "curve25519-sha256@libssh.org" ];
macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
];
};
in {
imports = [
@ -191,16 +203,6 @@ in {
};
};
services = {
openssh = {
enable = true;
kexAlgorithms = [ "curve25519-sha256" "curve25519-sha256@libssh.org" ];
macs = [
"hmac-sha2-512-etm@openssh.com"
"hmac-sha2-256-etm@openssh.com"
"umac-128-etm@openssh.com"
];
} // inFluxSSHOptions;
};
services = { openssh = { enable = true; } // inFluxSSHOptions; };
};
}