diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-21 11:13:07 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-21 11:13:07 +0100 |
commit | c214101dfdac5e4d61c031c77eb621d272053fe8 (patch) | |
tree | 637e4262c8d0450d3d208a22145a7b51cafdf1e7 | |
parent | e3ce82a0fcda1d3dba1e31d9ad8111eb9fe45c4f (diff) | |
download | nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.tar nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.tar.gz nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.tar.bz2 nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.tar.xz nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.zip |
ssh: ...
-rw-r--r-- | accounts/gkleen@sif/default.nix | 1 | ||||
-rw-r--r-- | system-profiles/openssh/default.nix | 2 |
2 files changed, 1 insertions, 2 deletions
diff --git a/accounts/gkleen@sif/default.nix b/accounts/gkleen@sif/default.nix index bd6ae49c..3acefc4e 100644 --- a/accounts/gkleen@sif/default.nix +++ b/accounts/gkleen@sif/default.nix | |||
@@ -76,7 +76,6 @@ in { | |||
76 | IdentityFile ~/.ssh/gkleen@mathinst.loc | 76 | IdentityFile ~/.ssh/gkleen@mathinst.loc |
77 | HostKeyAlgorithms +ssh-rsa | 77 | HostKeyAlgorithms +ssh-rsa |
78 | PubkeyAcceptedAlgorithms +ssh-rsa | 78 | PubkeyAcceptedAlgorithms +ssh-rsa |
79 | MACs +umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com | ||
80 | 79 | ||
81 | Match host *.mathinst.loc !exec "nc -z -w 1 %h %p &>/dev/null" | 80 | Match host *.mathinst.loc !exec "nc -z -w 1 %h %p &>/dev/null" |
82 | ProxyCommand ${pkgs.socat}/bin/socat - SOCKS4A:127.0.0.1:%h:%p,socksport=8118 | 81 | ProxyCommand ${pkgs.socat}/bin/socat - SOCKS4A:127.0.0.1:%h:%p,socksport=8118 |
diff --git a/system-profiles/openssh/default.nix b/system-profiles/openssh/default.nix index 98f75b94..5009dea3 100644 --- a/system-profiles/openssh/default.nix +++ b/system-profiles/openssh/default.nix | |||
@@ -27,7 +27,7 @@ | |||
27 | ciphers = [ "chacha20-poly1305@openssh.com" "aes256-gcm@openssh.com" "aes256-ctr" ]; | 27 | ciphers = [ "chacha20-poly1305@openssh.com" "aes256-gcm@openssh.com" "aes256-ctr" ]; |
28 | hostKeyAlgorithms = [ "sk-ssh-ed25519-cert-v01@openssh.com" "ssh-ed25519-cert-v01@openssh.com" "rsa-sha2-256-cert-v01@openssh.com" "rsa-sha2-512-cert-v01@openssh.com" "sk-ssh-ed25519@openssh.com" "ssh-ed25519" "rsa-sha2-256" "rsa-sha2-512" ]; | 28 | hostKeyAlgorithms = [ "sk-ssh-ed25519-cert-v01@openssh.com" "ssh-ed25519-cert-v01@openssh.com" "rsa-sha2-256-cert-v01@openssh.com" "rsa-sha2-512-cert-v01@openssh.com" "sk-ssh-ed25519@openssh.com" "ssh-ed25519" "rsa-sha2-256" "rsa-sha2-512" ]; |
29 | kexAlgorithms = [ "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256" ]; | 29 | kexAlgorithms = [ "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256" ]; |
30 | macs = [ "hmac-sha2-256-etm@openssh.com" "hmac-sha2-256" "hmac-sha2-512-etm@openssh.com" "hmac-sha2-512" ]; | 30 | macs = [ "umac-128-etm@openssh.com" "hmac-sha2-256-etm@openssh.com" "hmac-sha2-512-etm@openssh.com" "umac-128@openssh.com" "hmac-sha2-256" "hmac-sha2-512" "umac-64-etm@openssh.com" "umac-64@openssh.com"]; |
31 | pubkeyAcceptedKeyTypes = [ "ssh-ed25519" "ssh-rsa" ]; | 31 | pubkeyAcceptedKeyTypes = [ "ssh-ed25519" "ssh-rsa" ]; |
32 | extraConfig = '' | 32 | extraConfig = '' |
33 | Host * | 33 | Host * |