roles/security: only allow ssh_host_ed25519_key
This commit is contained in:
parent
7e51f772b3
commit
81dd4e0557
1 changed files with 6 additions and 0 deletions
|
@ -25,6 +25,12 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.openssh = {
|
||||||
|
hostKeys = [
|
||||||
|
{ path = "/etc/ssh/ssh_host_ed25519_key"; type = "ed25519"; }
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
# Ban brute force SSH
|
# Ban brute force SSH
|
||||||
services.fail2ban.enable = true;
|
services.fail2ban.enable = true;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue