From 2f8b062363b293a72e4afa0e682f1c4371317515 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Tue, 12 Mar 2024 12:43:22 +0100
Subject: ...

---
 accounts/gkleen@sif/default.nix   | 2 +-
 accounts/gkleen@sif/ssh-hosts.nix | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

(limited to 'accounts/gkleen@sif')

diff --git a/accounts/gkleen@sif/default.nix b/accounts/gkleen@sif/default.nix
index d40b1c92..05cfc2c8 100644
--- a/accounts/gkleen@sif/default.nix
+++ b/accounts/gkleen@sif/default.nix
@@ -136,7 +136,7 @@ in {
               KbdInteractiveAuthentication yes
               UpdateHostKeys yes
               GlobalKnownHostsFile ${pkgs.writeText "ssh_known_hosts" ''
-                @cert-authority *.mathinst.loc,*.math.lmu.de ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBUTFpVCdETCXiDSDl7YGbR1J4BLTsoBzjDtflHJGO/z ssh-pki@mgmt01
+                @cert-authority *.mathinst.loc,*.math.lmu.de,*.cipmath.loc ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBUTFpVCdETCXiDSDl7YGbR1J4BLTsoBzjDtflHJGO/z ssh-pki@mgmt01
               ''}
 
             Match host *.mathinst.loc,*.math.lmu.de !host ssh.math.lmu.de !exec "nc -z -w 1 %h %p &>/dev/null"
diff --git a/accounts/gkleen@sif/ssh-hosts.nix b/accounts/gkleen@sif/ssh-hosts.nix
index 8cc0f04e..f141ca8e 100644
--- a/accounts/gkleen@sif/ssh-hosts.nix
+++ b/accounts/gkleen@sif/ssh-hosts.nix
@@ -546,6 +546,7 @@
       extraOptions = {
         PasswordAuthentication = "yes";
         KbdInteractiveAuthentication = "yes";
+        HostKeyAlgorithms = "+ecdsa-sha2-nistp256";
       };
     };
 }
-- 
cgit v1.2.3