diff options
Diffstat (limited to 'nixos/modules/programs')
-rw-r--r-- | nixos/modules/programs/ssh.nix | 28 | ||||
-rw-r--r-- | nixos/modules/programs/tmux.nix | 2 |
2 files changed, 26 insertions, 4 deletions
diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix index b4184041d18af..cc398174e6ce0 100644 --- a/nixos/modules/programs/ssh.nix +++ b/nixos/modules/programs/ssh.nix @@ -61,6 +61,29 @@ in ''; }; + # Allow DSA keys for now. (These were deprecated in OpenSSH 7.0.) + pubkeyAcceptedKeyTypes = mkOption { + type = types.listOf types.str; + default = [ + "+ssh-dss" + ]; + example = [ "ssh-ed25519" "ssh-rsa" ]; + description = '' + Specifies the key types that will be used for public key authentication. + ''; + }; + + hostKeyAlgorithms = mkOption { + type = types.listOf types.str; + default = [ + "+ssh-dss" + ]; + example = [ "ssh-ed25519" "ssh-rsa" ]; + description = '' + Specifies the host key algorithms that the client wants to use in order of preference. + ''; + }; + extraConfig = mkOption { type = types.lines; default = ""; @@ -188,9 +211,8 @@ in ForwardX11 ${if cfg.forwardX11 then "yes" else "no"} - # Allow DSA keys for now. (These were deprecated in OpenSSH 7.0.) - PubkeyAcceptedKeyTypes +ssh-dss - HostKeyAlgorithms +ssh-dss + ${optionalString (cfg.pubkeyAcceptedKeyTypes != []) "PubkeyAcceptedKeyTypes ${concatStringsSep "," cfg.pubkeyAcceptedKeyTypes}"} + ${optionalString (cfg.hostKeyAlgorithms != []) "HostKeyAlgorithms ${concatStringsSep "," cfg.hostKeyAlgorithms}"} ${cfg.extraConfig} ''; diff --git a/nixos/modules/programs/tmux.nix b/nixos/modules/programs/tmux.nix index 4a60403a2827e..3d5a37274ae2d 100644 --- a/nixos/modules/programs/tmux.nix +++ b/nixos/modules/programs/tmux.nix @@ -1,7 +1,7 @@ { config, pkgs, lib, ... }: let - inherit (lib) mkOption mkEnableOption mkIf mkMerge types; + inherit (lib) mkOption mkIf types; cfg = config.programs.tmux; |