2024-07-01 12:04:54 +00:00 · 2024-07-01 12:00:47 +00:00 · 2024-07-01 12:02:10 +00:00
1 changed files with 4 additions and 0 deletions
--- a/clanModules/sshd/default.nix
+++ b/clanModules/sshd/default.nix
@ -2,6 +2,10 @@
 {
  services.openssh.enable = true;
  services.openssh.settings.PasswordAuthentication = false;
+  # We might want to remove this once, openssh is fixed everywhere:
+  # Workaround for CVE-2024-6387
+  # https://github.com/NixOS/nixpkgs/pull/323753#issuecomment-2199762128
+  services.openssh.settings.LoginGraceTime = 0;

  services.openssh.hostKeys = [
    {