diff options
| author | Matthieu Coudron <mattator@gmail.com> | 2019-09-16 19:21:23 +0900 |
|---|---|---|
| committer | Matthieu Coudron <mcoudron@hotmail.com> | 2020-09-06 21:32:20 +0200 |
| commit | 1835fc455bf1fb71fc1ad36715acca630e4c871a (patch) | |
| tree | 112fd7021aaa428a328eb1db8188ae773ba76bd1 /nixos | |
| parent | c59ea8b8a0e7f927e7291c14ea6cd1bd3a16ff38 (diff) | |
services.openssh: add banner
Add the possibility to setup a banner. Co-authored-by: Silvan Mosberger <github@infinisil.com>
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/services/networking/ssh/sshd.nix | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index 17f31e3a488d8..0db77e07978d2 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -232,6 +232,14 @@ in ''; }; + banner = mkOption { + type = types.nullOr types.lines; + default = null; + description = '' + Message to display to the remote user before authentication is allowed. + ''; + }; + authorizedKeysFiles = mkOption { type = types.listOf types.str; default = []; @@ -474,6 +482,8 @@ in '' UsePAM yes + Banner ${if cfg.banner == null then "none" else pkgs.writeText "ssh_banner" cfg.banner} + AddressFamily ${if config.networking.enableIPv6 then "any" else "inet"} ${concatMapStrings (port: '' Port ${toString port} |