diff options
author | Silvan Mosberger <contact@infinisil.com> | 2020-09-06 22:15:25 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-09-06 22:15:25 +0200 |
commit | f822080b056f7b646e8c6459c463e5c6330b6b8c (patch) | |
tree | 11051ebcef776ad5d0aa1e2fec7e8735727e369a /nixos | |
parent | 86b973e780c306f72b9f30fe9d9a9dde73d69697 (diff) | |
parent | 1835fc455bf1fb71fc1ad36715acca630e4c871a (diff) |
Merge pull request #68887 from teto/ssh_banner
services.openssh: add banner item
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/networking/ssh/sshd.nix | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index 6b27cbc56bd94..5365b8b9b1072 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -232,6 +232,14 @@ in ''; }; + banner = mkOption { + type = types.nullOr types.lines; + default = null; + description = '' + Message to display to the remote user before authentication is allowed. + ''; + }; + authorizedKeysFiles = mkOption { type = types.listOf types.str; default = []; @@ -474,6 +482,8 @@ in '' UsePAM yes + Banner ${if cfg.banner == null then "none" else pkgs.writeText "ssh_banner" cfg.banner} + AddressFamily ${if config.networking.enableIPv6 then "any" else "inet"} ${concatMapStrings (port: '' Port ${toString port} |