diff options
Diffstat (limited to 'system-profiles/openssh')
| -rw-r--r-- | system-profiles/openssh/default.nix | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/system-profiles/openssh/default.nix b/system-profiles/openssh/default.nix index 3e17e96c..098e2b25 100644 --- a/system-profiles/openssh/default.nix +++ b/system-profiles/openssh/default.nix | |||
| @@ -66,7 +66,10 @@ in { | |||
| 66 | services.openssh = mkIf cfg.enable { | 66 | services.openssh = mkIf cfg.enable { |
| 67 | hostKeys = mkIf cfg.staticHostKeys (mkForce []); # done manually | 67 | hostKeys = mkIf cfg.staticHostKeys (mkForce []); # done manually |
| 68 | settings = { | 68 | settings = { |
| 69 | inherit Ciphers Macs KexAlgorithms HostKeyAlgorithms CASignatureAlgorithms PubkeyAcceptedAlgorithms; | 69 | inherit Ciphers Macs KexAlgorithms; |
| 70 | HostKeyAlgorithms = concatStringsSep "," HostKeyAlgorithms; | ||
| 71 | PubkeyAcceptedAlgorithms = concatStringsSep "," PubkeyAcceptedAlgorithms; | ||
| 72 | CASignatureAlgorithms = concatStringsSep "," CASignatureAlgorithms; | ||
| 70 | 73 | ||
| 71 | LogLevel = "VERBOSE"; | 74 | LogLevel = "VERBOSE"; |
| 72 | RevokedKeys = toString ./ca/krl.bin; | 75 | RevokedKeys = toString ./ca/krl.bin; |