DavHau/clan-core
1
0
Fork 0
forked from clan/clan-core
Code Pull Requests Activity

sshd: workaround for CVE-2024-6387

Browse Source
This commit is contained in:
Jörg Thalheim 2024-07-01 13:57:29 +02:00
parent 498f2c02be
commit cfc09ca270
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
clanModules/sshd/default.nix
View File

@ -2,6 +2,10 @@
{
services.openssh.enable = true;
services.openssh.settings.PasswordAuthentication = false;
# We might want to remove this once, openssh is fixed everywhere:
# Workaround for CVE-2024-6387
# https://github.com/NixOS/nixpkgs/pull/323753#issuecomment-2199762128
services.openssh.settings.LoginGraceTime = 0;
services.openssh.hostKeys = [
{