diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2023-12-07 20:32:45 +0100 |
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2023-12-07 20:32:45 +0100 |
| commit | da6a7d5c69aa3e8b70755e88be0f44b642422114 (patch) | |
| tree | bb64c8f76a0655b0967d73d7de3541fe2825aa57 /system-profiles/openssh | |
| parent | 26ba0280e38648a787a5ef60807f91765c40d1d5 (diff) | |
| download | nixos-da6a7d5c69aa3e8b70755e88be0f44b642422114.tar nixos-da6a7d5c69aa3e8b70755e88be0f44b642422114.tar.gz nixos-da6a7d5c69aa3e8b70755e88be0f44b642422114.tar.bz2 nixos-da6a7d5c69aa3e8b70755e88be0f44b642422114.tar.xz nixos-da6a7d5c69aa3e8b70755e88be0f44b642422114.zip | |
bump
Diffstat (limited to 'system-profiles/openssh')
| -rw-r--r-- | system-profiles/openssh/default.nix | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/system-profiles/openssh/default.nix b/system-profiles/openssh/default.nix index 3e17e96c..098e2b25 100644 --- a/system-profiles/openssh/default.nix +++ b/system-profiles/openssh/default.nix | |||
| @@ -66,7 +66,10 @@ in { | |||
| 66 | services.openssh = mkIf cfg.enable { | 66 | services.openssh = mkIf cfg.enable { |
| 67 | hostKeys = mkIf cfg.staticHostKeys (mkForce []); # done manually | 67 | hostKeys = mkIf cfg.staticHostKeys (mkForce []); # done manually |
| 68 | settings = { | 68 | settings = { |
| 69 | inherit Ciphers Macs KexAlgorithms HostKeyAlgorithms CASignatureAlgorithms PubkeyAcceptedAlgorithms; | 69 | inherit Ciphers Macs KexAlgorithms; |
| 70 | HostKeyAlgorithms = concatStringsSep "," HostKeyAlgorithms; | ||
| 71 | PubkeyAcceptedAlgorithms = concatStringsSep "," PubkeyAcceptedAlgorithms; | ||
| 72 | CASignatureAlgorithms = concatStringsSep "," CASignatureAlgorithms; | ||
| 70 | 73 | ||
| 71 | LogLevel = "VERBOSE"; | 74 | LogLevel = "VERBOSE"; |
| 72 | RevokedKeys = toString ./ca/krl.bin; | 75 | RevokedKeys = toString ./ca/krl.bin; |