thunderbottom/flakes
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
abb9050f0c
flakes/modules/nixos/core
History
Chinmay D. Pai 12cf2f3701
chore: harden ssh security 
* KbdInteractiveAuthentication: disable keyboard interactive-auth, since
  we solely rely on the SSH key for connection.
* PermitEmptyPasswords: disable empty passwords for SSH connection, again,
  since we use SSH keys.
* Protocol: Explicitly set the SSH protocol to 2, even though it is the
  default value.
* MaxAuthTries: Set auth tries to 3. This is to allow up to 3 keys to try
  connection.
* ChallengeResponseAuthentication: We do not require a challenge-response
  setup.
* AllowTcpForwarding: Allows access to locally-running ports without having
  to expose them. Since all auth methods are disabled, we can enable this.

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-10-05 20:53:47 +05:30
..
docker chore: allow docker to use iptables 2024-09-02 19:05:15 +05:30
fish feat: add nixos configuration based on snowfall-lib 2024-09-02 18:31:19 +05:30
gnupg feat: add nixos configuration based on snowfall-lib 2024-09-02 18:31:19 +05:30
lanzaboote feat: add nixos configuration based on snowfall-lib 2024-09-02 18:31:19 +05:30
nix feat: replace perl activation script with rust-based implementation 2024-10-05 20:51:00 +05:30
security feat: add nixos configuration based on snowfall-lib 2024-09-02 18:31:19 +05:30
sshd chore: harden ssh security 2024-10-05 20:53:47 +05:30
default.nix chore: reduce boot configuration limit to 5 2024-09-29 23:26:04 +05:30