author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-07-27 20:13:08 +0200 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2015-07-27 20:30:10 +0200 |
commit | a5b83c357319c4442c94979cb3679d41d9b352bc (patch) | |
tree | 83c13d6c78ab9db066e1d0333dc0e8ff7403ab0c /nixos/modules | |
parent | d166c854b6ecfd9ada520439b06f7eb9e3e4be7c (diff) | |
sshd: Use RSA and ED25519 host keys
Closes #7939.
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/services/networking/ssh/sshd.nix | 15 |
1 files changed, 5 insertions, 10 deletions
diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix
index 4be2b5fe0c0c..1c428ceddfd2 100644
--- a/nixos/modules/services/networking/ssh/sshd.nix
+++ b/nixos/modules/services/networking/ssh/sshd.nix
@@ -184,16 +184,11 @@ in
 hostKeys = mkOption {
 type = types.listOf types.attrs;
 default =
- [ { path = "/etc/ssh/ssh_host_dsa_key";
- type = "dsa";
- }
- { path = "/etc/ssh/ssh_host_ecdsa_key";
- type = "ecdsa";
- bits = 521;
- }
- { path = "/etc/ssh/ssh_host_ed25519_key";
- type = "ed25519";
- }
+ [ { type = "rsa"; bits = 4096; path = "/etc/ssh/ssh_host_rsa_key"; }
+ { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
+ ] ++ optionals (!versionAtLeast config.system.stateVersion "15.07")
+ [ { type = "dsa"; path = "/etc/ssh/ssh_host_dsa_key"; }
+ { type = "ecdsa"; bits = 521; path = "/etc/ssh/ssh_host_ecdsa_key"; }
 ];
 description = ''
 NixOS can automatically generate SSH host keys. This option |
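Review bot: The `optionals (!versionAtLeast config.system.stateVersion "15.07")` branch keeps the DSA and ECDSA entries for older installs with no comment marking them as legacy-only, so a later reader cannot tell whether they are safe to drop. DSA host keys are limited to 1024 bits by ssh-keygen, so that entry in particular deserves a marker, e.g. `# Legacy host keys, kept only so hosts installed before 15.07 keep their existing key identity; do not copy into new configs.` The option's `description`, which continues past the end of the hunk, should also state that the default depends on `system.stateVersion`. Whether the legacy keys are also advertised through `HostKey` lines is decided outside the hunk and is not visible here.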