diff options
author | Christoph Cullmann <cullmann@kde.org> | 2024-01-11 23:45:38 +0100 |
---|---|---|
committer | Christoph Cullmann <cullmann@kde.org> | 2024-01-11 23:45:38 +0100 |
commit | fb3dbe0a6acf059d3c1599094c44abc345f9525c (patch) | |
tree | 7755912549fa3629da8f6968112203a89bde931f | |
parent | b32daf32dd5ae707470f3db59338fce7013047f8 (diff) |
back to secure settings
-rw-r--r-- | common.nix | 5 |
1 files changed, 2 insertions, 3 deletions
@@ -71,9 +71,8 @@ in services.openssh = { # enable with public key only auth enable = true; - settings.PasswordAuthentication = true; - settings.KbdInteractiveAuthentication = true; - settings.PermitRootLogin = "yes"; + settings.PasswordAuthentication = false; + settings.KbdInteractiveAuthentication = false; # only ed25519 keys, make them persistent hostKeys = [{ |