diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-21 11:13:07 +0100 |
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-12-21 11:13:07 +0100 |
| commit | c214101dfdac5e4d61c031c77eb621d272053fe8 (patch) | |
| tree | 637e4262c8d0450d3d208a22145a7b51cafdf1e7 | |
| parent | e3ce82a0fcda1d3dba1e31d9ad8111eb9fe45c4f (diff) | |
| download | nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.tar nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.tar.gz nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.tar.bz2 nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.tar.xz nixos-c214101dfdac5e4d61c031c77eb621d272053fe8.zip | |
ssh: ...
| -rw-r--r-- | accounts/gkleen@sif/default.nix | 1 | ||||
| -rw-r--r-- | system-profiles/openssh/default.nix | 2 |
2 files changed, 1 insertions, 2 deletions
diff --git a/accounts/gkleen@sif/default.nix b/accounts/gkleen@sif/default.nix index bd6ae49c..3acefc4e 100644 --- a/accounts/gkleen@sif/default.nix +++ b/accounts/gkleen@sif/default.nix | |||
| @@ -76,7 +76,6 @@ in { | |||
| 76 | IdentityFile ~/.ssh/gkleen@mathinst.loc | 76 | IdentityFile ~/.ssh/gkleen@mathinst.loc |
| 77 | HostKeyAlgorithms +ssh-rsa | 77 | HostKeyAlgorithms +ssh-rsa |
| 78 | PubkeyAcceptedAlgorithms +ssh-rsa | 78 | PubkeyAcceptedAlgorithms +ssh-rsa |
| 79 | MACs +umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com | ||
| 80 | 79 | ||
| 81 | Match host *.mathinst.loc !exec "nc -z -w 1 %h %p &>/dev/null" | 80 | Match host *.mathinst.loc !exec "nc -z -w 1 %h %p &>/dev/null" |
| 82 | ProxyCommand ${pkgs.socat}/bin/socat - SOCKS4A:127.0.0.1:%h:%p,socksport=8118 | 81 | ProxyCommand ${pkgs.socat}/bin/socat - SOCKS4A:127.0.0.1:%h:%p,socksport=8118 |
diff --git a/system-profiles/openssh/default.nix b/system-profiles/openssh/default.nix index 98f75b94..5009dea3 100644 --- a/system-profiles/openssh/default.nix +++ b/system-profiles/openssh/default.nix | |||
| @@ -27,7 +27,7 @@ | |||
| 27 | ciphers = [ "chacha20-poly1305@openssh.com" "aes256-gcm@openssh.com" "aes256-ctr" ]; | 27 | ciphers = [ "chacha20-poly1305@openssh.com" "aes256-gcm@openssh.com" "aes256-ctr" ]; |
| 28 | hostKeyAlgorithms = [ "sk-ssh-ed25519-cert-v01@openssh.com" "ssh-ed25519-cert-v01@openssh.com" "rsa-sha2-256-cert-v01@openssh.com" "rsa-sha2-512-cert-v01@openssh.com" "sk-ssh-ed25519@openssh.com" "ssh-ed25519" "rsa-sha2-256" "rsa-sha2-512" ]; | 28 | hostKeyAlgorithms = [ "sk-ssh-ed25519-cert-v01@openssh.com" "ssh-ed25519-cert-v01@openssh.com" "rsa-sha2-256-cert-v01@openssh.com" "rsa-sha2-512-cert-v01@openssh.com" "sk-ssh-ed25519@openssh.com" "ssh-ed25519" "rsa-sha2-256" "rsa-sha2-512" ]; |
| 29 | kexAlgorithms = [ "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256" ]; | 29 | kexAlgorithms = [ "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256" ]; |
| 30 | macs = [ "hmac-sha2-256-etm@openssh.com" "hmac-sha2-256" "hmac-sha2-512-etm@openssh.com" "hmac-sha2-512" ]; | 30 | macs = [ "umac-128-etm@openssh.com" "hmac-sha2-256-etm@openssh.com" "hmac-sha2-512-etm@openssh.com" "umac-128@openssh.com" "hmac-sha2-256" "hmac-sha2-512" "umac-64-etm@openssh.com" "umac-64@openssh.com"]; |
| 31 | pubkeyAcceptedKeyTypes = [ "ssh-ed25519" "ssh-rsa" ]; | 31 | pubkeyAcceptedKeyTypes = [ "ssh-ed25519" "ssh-rsa" ]; |
| 32 | extraConfig = '' | 32 | extraConfig = '' |
| 33 | Host * | 33 | Host * |