about summary refs log tree commit diff stats
path: root/home-manager/config/ssh/default.nix
diff options
context:
space:
mode:
authorSoispha <soispha@vhack.eu>2023-07-04 08:53:24 +0200
committerSoispha <soispha@vhack.eu>2023-07-04 08:59:26 +0200
commitae92ed5df79d894af9f4ed85be8d1281f4755761 (patch)
tree36b7adea9e7a3451ea5782401732ffd0aa90da8c /home-manager/config/ssh/default.nix
parentBuild(treewide): Update (diff)
downloadnixos-config-ae92ed5df79d894af9f4ed85be8d1281f4755761.tar.gz
nixos-config-ae92ed5df79d894af9f4ed85be8d1281f4755761.zip
Fix(system/services/openssh): Don't hash know hosts
The trade off between security and convenience isn't worth it.
Diffstat (limited to 'home-manager/config/ssh/default.nix')
-rw-r--r--home-manager/config/ssh/default.nix8
1 files changed, 2 insertions, 6 deletions
diff --git a/home-manager/config/ssh/default.nix b/home-manager/config/ssh/default.nix
index 31784050..8e0820cf 100644
--- a/home-manager/config/ssh/default.nix
+++ b/home-manager/config/ssh/default.nix
@@ -1,12 +1,8 @@
-{
-  config,
-  pkgs,
-  ...
-}: {
+{config, ...}: {
   programs.ssh = {
     enable = true;
     compression = true;
-    hashKnownHosts = true;
+    hashKnownHosts = false;
     serverAliveInterval = 240;
     userKnownHostsFile = "${config.xdg.dataHome}/ssh/know_hosts";
   };
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-29 09:32:56 +0000