From 9cbd833e5d5c3c146bf0e2d2187f1dcf3a82d912 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Thu, 12 Jan 2023 21:57:25 +0100
Subject: ...

---
 system-profiles/openssh/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'system-profiles/openssh')

diff --git a/system-profiles/openssh/default.nix b/system-profiles/openssh/default.nix
index 3d04d9b5..221dac3c 100644
--- a/system-profiles/openssh/default.nix
+++ b/system-profiles/openssh/default.nix
@@ -50,7 +50,7 @@ in {
       hostKeyAlgorithms = [ "sk-ssh-ed25519-cert-v01@openssh.com" "ssh-ed25519-cert-v01@openssh.com" "rsa-sha2-256-cert-v01@openssh.com" "rsa-sha2-512-cert-v01@openssh.com" "sk-ssh-ed25519@openssh.com" "ssh-ed25519" "rsa-sha2-256" "rsa-sha2-512" ];
       kexAlgorithms = [ "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256" ];
       macs = [ "umac-128-etm@openssh.com" "hmac-sha2-256-etm@openssh.com" "hmac-sha2-512-etm@openssh.com" "umac-128@openssh.com" "hmac-sha2-256" "hmac-sha2-512" "umac-64-etm@openssh.com" "umac-64@openssh.com"];
-      pubkeyAcceptedKeyTypes = [ "ssh-ed25519" "ssh-rsa" ];
+      pubkeyAcceptedKeyTypes = [ "ssh-ed25519-cert-v01@openssh.com" "sk-ssh-ed25519-cert-v01@openssh.com" "rsa-sha2-512-cert-v01@openssh.com" "rsa-sha2-256-cert-v01@openssh.com" "ssh-ed25519" "ssh-rsa" ];
       extraConfig = ''
         Host *
           CASignatureAlgorithms sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-256,rsa-sha2-512
-- 
cgit v1.2.3