forked from M-Labs/it-infra
nixops: disallow user SSH keys
This commit is contained in:
parent
bd6c61094f
commit
d91ff8300d
|
@ -93,6 +93,7 @@ in
|
||||||
services.avscan.enable = true;
|
services.avscan.enable = true;
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
services.openssh.authorizedKeysInHomedir = false;
|
||||||
services.openssh.settings.PasswordAuthentication = false;
|
services.openssh.settings.PasswordAuthentication = false;
|
||||||
services.openssh.extraConfig =
|
services.openssh.extraConfig =
|
||||||
''
|
''
|
||||||
|
|
|
@ -24,6 +24,7 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
services.openssh.authorizedKeysInHomedir = false;
|
||||||
services.openssh.settings.PasswordAuthentication = false;
|
services.openssh.settings.PasswordAuthentication = false;
|
||||||
services.openssh.settings.GatewayPorts = "clientspecified";
|
services.openssh.settings.GatewayPorts = "clientspecified";
|
||||||
services.openssh.extraConfig =
|
services.openssh.extraConfig =
|
||||||
|
|
Loading…
Reference in New Issue