about summary refs log tree commit diff
path: root/nixos/modules
diff options
context:
space:
mode:
authorPol Dellaiera <pol.dellaiera@protonmail.com>2023-06-07 15:53:20 +0200
committerGitHub <noreply@github.com>2023-06-07 15:53:20 +0200
commitfdcc0ecf37b9604168ff6d79417a6604ddf9bd6e (patch)
treebdb27fc4ef8e0e210bf215c662e93180d073156b /nixos/modules
parent710aa8e0883960ce0bc0ede0a9c5967059abb952 (diff)
parenteeabae56e7ebbdaf3c02da16d8d81fe885261c6d (diff)
downloadnixlib-fdcc0ecf37b9604168ff6d79417a6604ddf9bd6e.tar
nixlib-fdcc0ecf37b9604168ff6d79417a6604ddf9bd6e.tar.gz
nixlib-fdcc0ecf37b9604168ff6d79417a6604ddf9bd6e.tar.bz2
nixlib-fdcc0ecf37b9604168ff6d79417a6604ddf9bd6e.tar.lz
nixlib-fdcc0ecf37b9604168ff6d79417a6604ddf9bd6e.tar.xz
nixlib-fdcc0ecf37b9604168ff6d79417a6604ddf9bd6e.tar.zst
nixlib-fdcc0ecf37b9604168ff6d79417a6604ddf9bd6e.zip
Merge pull request #236303 from alyssais/StrictModes
nixos/sshd: add StrictModes option
Diffstat (limited to 'nixos/modules')
-rw-r--r--nixos/modules/services/networking/ssh/sshd.nix7
1 files changed, 7 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix
index 70dde79a198d..59980a4cef9c 100644
--- a/nixos/modules/services/networking/ssh/sshd.nix
+++ b/nixos/modules/services/networking/ssh/sshd.nix
@@ -375,6 +375,13 @@ in
                 <https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67>
               '';
             };
+            StrictModes = mkOption {
+              type = types.bool;
+              default = true;
+              description = lib.mdDoc ''
+                Whether sshd should check file modes and ownership of directories
+              '';
+            };
             Ciphers = mkOption {
               type = types.listOf types.str;
               default = [
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-20 13:00:37 +0000