summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2021-12-21 11:13:07 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2021-12-21 11:13:07 +0100
commitc214101dfdac5e4d61c031c77eb621d272053fe8 (patch)
tree637e4262c8d0450d3d208a22145a7b51cafdf1e7
parente3ce82a0fcda1d3dba1e31d9ad8111eb9fe45c4f (diff)
downloadnixos-c214101dfdac5e4d61c031c77eb621d272053fe8.tar
nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.tar.gz
nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.tar.bz2
nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.tar.xz
nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.zip
ssh: ...
-rw-r--r--accounts/gkleen@sif/default.nix1
-rw-r--r--system-profiles/openssh/default.nix2
2 files changed, 1 insertions, 2 deletions
diff --git a/accounts/gkleen@sif/default.nix b/accounts/gkleen@sif/default.nix
index bd6ae49c..3acefc4e 100644
--- a/accounts/gkleen@sif/default.nix
+++ b/accounts/gkleen@sif/default.nix
@@ -76,7 +76,6 @@ in {
76 IdentityFile ~/.ssh/gkleen@mathinst.loc 76 IdentityFile ~/.ssh/gkleen@mathinst.loc
77 HostKeyAlgorithms +ssh-rsa 77 HostKeyAlgorithms +ssh-rsa
78 PubkeyAcceptedAlgorithms +ssh-rsa 78 PubkeyAcceptedAlgorithms +ssh-rsa
79 MACs +umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com
80 79
81 Match host *.mathinst.loc !exec "nc -z -w 1 %h %p &>/dev/null" 80 Match host *.mathinst.loc !exec "nc -z -w 1 %h %p &>/dev/null"
82 ProxyCommand ${pkgs.socat}/bin/socat - SOCKS4A:127.0.0.1:%h:%p,socksport=8118 81 ProxyCommand ${pkgs.socat}/bin/socat - SOCKS4A:127.0.0.1:%h:%p,socksport=8118
diff --git a/system-profiles/openssh/default.nix b/system-profiles/openssh/default.nix
index 98f75b94..5009dea3 100644
--- a/system-profiles/openssh/default.nix
+++ b/system-profiles/openssh/default.nix
@@ -27,7 +27,7 @@
27 ciphers = [ "chacha20-poly1305@openssh.com" "aes256-gcm@openssh.com" "aes256-ctr" ]; 27 ciphers = [ "chacha20-poly1305@openssh.com" "aes256-gcm@openssh.com" "aes256-ctr" ];
28 hostKeyAlgorithms = [ "sk-ssh-ed25519-cert-v01@openssh.com" "ssh-ed25519-cert-v01@openssh.com" "rsa-sha2-256-cert-v01@openssh.com" "rsa-sha2-512-cert-v01@openssh.com" "sk-ssh-ed25519@openssh.com" "ssh-ed25519" "rsa-sha2-256" "rsa-sha2-512" ]; 28 hostKeyAlgorithms = [ "sk-ssh-ed25519-cert-v01@openssh.com" "ssh-ed25519-cert-v01@openssh.com" "rsa-sha2-256-cert-v01@openssh.com" "rsa-sha2-512-cert-v01@openssh.com" "sk-ssh-ed25519@openssh.com" "ssh-ed25519" "rsa-sha2-256" "rsa-sha2-512" ];
29 kexAlgorithms = [ "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256" ]; 29 kexAlgorithms = [ "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256" ];
30 macs = [ "hmac-sha2-256-etm@openssh.com" "hmac-sha2-256" "hmac-sha2-512-etm@openssh.com" "hmac-sha2-512" ]; 30 macs = [ "umac-128-etm@openssh.com" "hmac-sha2-256-etm@openssh.com" "hmac-sha2-512-etm@openssh.com" "umac-128@openssh.com" "hmac-sha2-256" "hmac-sha2-512" "umac-64-etm@openssh.com" "umac-64@openssh.com"];
31 pubkeyAcceptedKeyTypes = [ "ssh-ed25519" "ssh-rsa" ]; 31 pubkeyAcceptedKeyTypes = [ "ssh-ed25519" "ssh-rsa" ];
32 extraConfig = '' 32 extraConfig = ''
33 Host * 33 Host *