clerie/nixfiles
1
0
Fork 0
Code Activity

configuration/common: Hotfix OpenSSH CVE-2024-6387

Browse Source
This commit is contained in:
clerie
2024-07-01 20:14:19 +02:00
parent a080f84880
commit 9455fefe5d
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
configuration/common/ssh.nix
View File

@@ -7,6 +7,9 @@
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = lib.mkDefault "no";
# Hotfix CVE-2024-6387 https://github.com/NixOS/nixpkgs/pull/323753
LoginGraceTime = 0;
};
services.openssh.hostKeys = lib.mkForce [
# Only create ed25519 host keys