forked from clan/clan-core
sshd: workaround for CVE-2024-6387
This commit is contained in:
parent
498f2c02be
commit
cfc09ca270
|
@ -2,6 +2,10 @@
|
|||
{
|
||||
services.openssh.enable = true;
|
||||
services.openssh.settings.PasswordAuthentication = false;
|
||||
# We might want to remove this once, openssh is fixed everywhere:
|
||||
# Workaround for CVE-2024-6387
|
||||
# https://github.com/NixOS/nixpkgs/pull/323753#issuecomment-2199762128
|
||||
services.openssh.settings.LoginGraceTime = 0;
|
||||
|
||||
services.openssh.hostKeys = [
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue
Block a user