fix(ssh): enforce SSH public key authentication only in depth
This commit is contained in:
@@ -20,6 +20,7 @@ in
|
||||
services.openssh.settings = optionalAttrs cfg.harden {
|
||||
PermitRootLogin = "no";
|
||||
PasswordAuthentication = false;
|
||||
AuthenticationMethods = "publickey";
|
||||
KbdInteractiveAuthentication = false;
|
||||
ChallengeResponseAuthentication = false;
|
||||
X11Forwarding = false;
|
||||
|
||||
Reference in New Issue
Block a user