pub-solar/infra
6
1
Fork 3
Code Issues 24 Pull requests 9 Actions Packages Projects 1 Releases Wiki Activity

security/close-ssh #128

Merged
b12f merged 1 commit from security/close-ssh into main 2024-04-05 12:51:05 +00:00
Conversation 0 Commits 1 Files changed 1 +5 -1
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
modules/networking.nix
View file

@ -1,6 +1,10 @@
{ pkgs, ... }: { { pkgs, lib, ... }: {
teutat3s commented 2024-04-05 12:21:59 +00:00
Outdated
Review
Copy link

Need to bring in lib here

Need to bring in `lib` here
# Don't expose SSH via public interfaces
networking.firewall.interfaces.wg-ssh.allowedTCPPorts = [ 22 ];
services.openssh = { services.openssh = {
enable = true; enable = true;
openFirewall = lib.mkDefault false;
settings = { settings = {
PermitRootLogin = "prohibit-password"; PermitRootLogin = "prohibit-password";
PasswordAuthentication = false; PasswordAuthentication = false;