ssh: force login methods
This commit is contained in:
parent
6375b59ce8
commit
2d22e26ee2
1 changed files with 3 additions and 3 deletions
|
@ -1,11 +1,11 @@
|
||||||
{...}: {
|
{lib, ...}: {
|
||||||
services.openssh = {
|
services.openssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
KbdInteractiveAuthentication = false;
|
KbdInteractiveAuthentication = false;
|
||||||
PasswordAuthentication = false;
|
PasswordAuthentication = lib.mkForce false;
|
||||||
PubkeyAuthentication = true;
|
PubkeyAuthentication = true;
|
||||||
PermitRootLogin = "no";
|
PermitRootLogin = lib.mkForce "no";
|
||||||
StreamLocalBindUnlink = "yes";
|
StreamLocalBindUnlink = "yes";
|
||||||
GatewayPorts = "clientspecified";
|
GatewayPorts = "clientspecified";
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue