diff --git a/roles/security.nix b/roles/security.nix index 962765f..4539e83 100644 --- a/roles/security.nix +++ b/roles/security.nix @@ -25,6 +25,12 @@ }; }; + services.openssh = { + hostKeys = [ + { path = "/etc/ssh/ssh_host_ed25519_key"; type = "ed25519"; } + ]; + }; + # Ban brute force SSH services.fail2ban.enable = true; }