Replicate ssh config

author: Alejandro Soto <alejandro@34project.org> 2022-03-11 01:09:26 -0600
committer: Alejandro Soto <alejandro@34project.org> 2022-03-11 01:09:26 -0600
commit: 608f39c3332e98800f24309eb848d664e983d6ea (patch)
tree: eb3ad814e23c99ffce88ce8e8b874cafa5a3fd58 /sys
parent: a89fd3d557f6883bdac3a3ddbca1f91ee4bb2384 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/sys/default.nix b/sys/default.nix
index 7636e91..2b265ec 100644
--- a/sys/default.nix
+++ b/sys/default.nix
@@ -292,7 +292,27 @@ in {
       enable = true;
       openFirewall = false;
       ports = [ 2234 ];
+
       forwardX11 = true;
+      permitRootLogin = "no";
+      passwordAuthentication = false;
+
+      hostKeys = [
+        {
+          bits = 4096;
+          path = "/etc/ssh/ssh_host_rsa_key";
+          type = "rsa";
+        }
+        {
+          path = "/etc/ssh/ssh_host_ed25519_key";
+          type = "ed25519";
+        }
+        #TODO: Desfasar, inseguro
+        {
+          path = "/etc/ssh/ssh_host_ecdsa_key";
+          type = "ecdsa";
+        }
+      ];
     };
 
     networking.firewall.allowedTCPPorts = [ 2234 ];
author	Alejandro Soto <alejandro@34project.org>	2022-03-11 01:09:26 -0600
committer	Alejandro Soto <alejandro@34project.org>	2022-03-11 01:09:26 -0600
commit	608f39c3332e98800f24309eb848d664e983d6ea (patch)
tree	eb3ad814e23c99ffce88ce8e8b874cafa5a3fd58 /sys
parent	a89fd3d557f6883bdac3a3ddbca1f91ee4bb2384 (diff)