diff options
author | edef <edef@edef.eu> | 2020-04-10 16:05:36 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-04-10 16:05:36 +0000 |
commit | 6fbacea8e57b2afd00e7275d1b1c001b53a06377 (patch) | |
tree | 1235346f168c23cdbb9ed9f8f942755547b605cb | |
parent | 171eb4ff5f12a4d1e34ef3a3908245874bca4f0b (diff) | |
parent | 387b9bf352851c8ec200030f3d4a79c3fac843de (diff) | |
download | nixlib-6fbacea8e57b2afd00e7275d1b1c001b53a06377.tar nixlib-6fbacea8e57b2afd00e7275d1b1c001b53a06377.tar.gz nixlib-6fbacea8e57b2afd00e7275d1b1c001b53a06377.tar.bz2 nixlib-6fbacea8e57b2afd00e7275d1b1c001b53a06377.tar.lz nixlib-6fbacea8e57b2afd00e7275d1b1c001b53a06377.tar.xz nixlib-6fbacea8e57b2afd00e7275d1b1c001b53a06377.tar.zst nixlib-6fbacea8e57b2afd00e7275d1b1c001b53a06377.zip |
Merge pull request #84602 from alyssais/ssh
nixos/ssh: don't accept ssh-dss keys
-rw-r--r-- | nixos/modules/programs/ssh.nix | 9 |
1 files changed, 2 insertions, 7 deletions
diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix index 80198990ed11..44e65ee8a9a0 100644 --- a/nixos/modules/programs/ssh.nix +++ b/nixos/modules/programs/ssh.nix @@ -61,12 +61,9 @@ in ''; }; - # Allow DSA keys for now. (These were deprecated in OpenSSH 7.0.) pubkeyAcceptedKeyTypes = mkOption { type = types.listOf types.str; - default = [ - "+ssh-dss" - ]; + default = []; example = [ "ssh-ed25519" "ssh-rsa" ]; description = '' Specifies the key types that will be used for public key authentication. @@ -75,9 +72,7 @@ in hostKeyAlgorithms = mkOption { type = types.listOf types.str; - default = [ - "+ssh-dss" - ]; + default = []; example = [ "ssh-ed25519" "ssh-rsa" ]; description = '' Specifies the host key algorithms that the client wants to use in order of preference. |