diff options
Diffstat (limited to 'modules/nixos/networking/hard-ssh.nix')
| -rw-r--r-- | modules/nixos/networking/hard-ssh.nix | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/modules/nixos/networking/hard-ssh.nix b/modules/nixos/networking/hard-ssh.nix new file mode 100644 index 0000000..849af9b --- /dev/null +++ b/modules/nixos/networking/hard-ssh.nix @@ -0,0 +1,19 @@ +{ + services.openssh = { + enable = true; + allowSFTP = false; + ports = [5522]; + settings = { + PermitRootLogin = "no"; + PasswordAuthentication = false; + KbdInteractiveAuthentication = true; + }; + extraConfig = '' + AllowTcpForwarding no + AllowAgentForwarding no + MaxAuthTries 3 + MaxSessions 4 + TCPKeepAlive no + ''; + }; +} |