From 9cbd833e5d5c3c146bf0e2d2187f1dcf3a82d912 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 12 Jan 2023 21:57:25 +0100 Subject: ... --- system-profiles/openssh/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system-profiles/openssh') diff --git a/system-profiles/openssh/default.nix b/system-profiles/openssh/default.nix index 3d04d9b5..221dac3c 100644 --- a/system-profiles/openssh/default.nix +++ b/system-profiles/openssh/default.nix @@ -50,7 +50,7 @@ in { hostKeyAlgorithms = [ "sk-ssh-ed25519-cert-v01@openssh.com" "ssh-ed25519-cert-v01@openssh.com" "rsa-sha2-256-cert-v01@openssh.com" "rsa-sha2-512-cert-v01@openssh.com" "sk-ssh-ed25519@openssh.com" "ssh-ed25519" "rsa-sha2-256" "rsa-sha2-512" ]; kexAlgorithms = [ "curve25519-sha256@libssh.org" "diffie-hellman-group-exchange-sha256" ]; macs = [ "umac-128-etm@openssh.com" "hmac-sha2-256-etm@openssh.com" "hmac-sha2-512-etm@openssh.com" "umac-128@openssh.com" "hmac-sha2-256" "hmac-sha2-512" "umac-64-etm@openssh.com" "umac-64@openssh.com"]; - pubkeyAcceptedKeyTypes = [ "ssh-ed25519" "ssh-rsa" ]; + pubkeyAcceptedKeyTypes = [ "ssh-ed25519-cert-v01@openssh.com" "sk-ssh-ed25519-cert-v01@openssh.com" "rsa-sha2-512-cert-v01@openssh.com" "rsa-sha2-256-cert-v01@openssh.com" "ssh-ed25519" "ssh-rsa" ]; extraConfig = '' Host * CASignatureAlgorithms sk-ssh-ed25519@openssh.com,ssh-ed25519,rsa-sha2-256,rsa-sha2-512 -- cgit v1.2.3