From 608f39c3332e98800f24309eb848d664e983d6ea Mon Sep 17 00:00:00 2001
From: Alejandro Soto <alejandro@34project.org>
Date: Fri, 11 Mar 2022 01:09:26 -0600
Subject: Replicate ssh config

---
 sys/default.nix | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'sys')

diff --git a/sys/default.nix b/sys/default.nix
index 7636e91..2b265ec 100644
--- a/sys/default.nix
+++ b/sys/default.nix
@@ -292,7 +292,27 @@ in {
       enable = true;
       openFirewall = false;
       ports = [ 2234 ];
+
       forwardX11 = true;
+      permitRootLogin = "no";
+      passwordAuthentication = false;
+
+      hostKeys = [
+        {
+          bits = 4096;
+          path = "/etc/ssh/ssh_host_rsa_key";
+          type = "rsa";
+        }
+        {
+          path = "/etc/ssh/ssh_host_ed25519_key";
+          type = "ed25519";
+        }
+        #TODO: Desfasar, inseguro
+        {
+          path = "/etc/ssh/ssh_host_ecdsa_key";
+          type = "ecdsa";
+        }
+      ];
     };
 
     networking.firewall.allowedTCPPorts = [ 2234 ];
-- 
cgit v1.2.3