13 lines
438 B
Nix
13 lines
438 B
Nix
{ ... }:
|
|
{
|
|
services.openssh = {
|
|
enable = true;
|
|
permitRootLogin = "no";
|
|
passwordAuthentication = false;
|
|
challengeResponseAuthentication = false;
|
|
hostKeys = [ { "path" = "/etc/ssh/ssh_host_ed25519_key"; "type" = "ed25519"; } ];
|
|
kexAlgorithms = [ "curve25519-sha256" "curve25519-sha256@libssh.org" ];
|
|
macs = [ "hmac-sha2-512-etm@openssh.com" "hmac-sha2-512-etm@openssh.com" "umac-128-etm@openssh.com" ];
|
|
};
|
|
}
|