sercanto/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

roles/security: only allow ssh_host_ed25519_key

Browse source
This commit is contained in:
zowoq 2023-04-25 10:21:07 +10:00
parent 7e51f772b3
commit 81dd4e0557
1 changed files with 6 additions and 0 deletions

6
roles/security.nix
View file

@ -25,6 +25,12 @@
}; };
}; };
services.openssh = {
hostKeys = [
{ path = "/etc/ssh/ssh_host_ed25519_key"; type = "ed25519"; }
];
};
# Ban brute force SSH # Ban brute force SSH
services.fail2ban.enable = true; services.fail2ban.enable = true;
} }