movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-15 05:59:17 +03:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #40686 from Izorkin/ssh

Browse source 
ssh: custom config key types
This commit is contained in:
Daiderd Jordan 2018-07-21 11:57:41 +02:00 committed by GitHub
commit e2444a433f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 25 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

28
nixos/modules/programs/ssh.nix
View file

@ -61,6 +61,29 @@ in
'';
};
# Allow DSA keys for now. (These were deprecated in OpenSSH 7.0.)
pubkeyAcceptedKeyTypes = mkOption {
type = types.listOf types.str;
default = [
"+ssh-dss"
];
example = [ "ssh-ed25519" "ssh-rsa" ];
description = ''
Specifies the key types that will be used for public key authentication.
'';
};
hostKeyAlgorithms = mkOption {
type = types.listOf types.str;
default = [
"+ssh-dss"
];
example = [ "ssh-ed25519" "ssh-rsa" ];
description = ''
Specifies the host key algorithms that the client wants to use in order of preference.
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
@ -188,9 +211,8 @@ in
ForwardX11 ${if cfg.forwardX11 then "yes" else "no"}
# Allow DSA keys for now. (These were deprecated in OpenSSH 7.0.)
PubkeyAcceptedKeyTypes +ssh-dss
HostKeyAlgorithms +ssh-dss
PubkeyAcceptedKeyTypes ${concatStringsSep "," cfg.pubkeyAcceptedKeyTypes}
HostKeyAlgorithms ${concatStringsSep "," cfg.hostKeyAlgorithms}
${cfg.extraConfig}
'';