diff options
author | Soispha <soispha@vhack.eu> | 2023-07-04 08:53:24 +0200 |
---|---|---|
committer | Soispha <soispha@vhack.eu> | 2023-07-04 08:59:26 +0200 |
commit | ae92ed5df79d894af9f4ed85be8d1281f4755761 (patch) | |
tree | 36b7adea9e7a3451ea5782401732ffd0aa90da8c /home-manager/config/ssh | |
parent | Build(treewide): Update (diff) | |
download | nixos-config-ae92ed5df79d894af9f4ed85be8d1281f4755761.tar.gz nixos-config-ae92ed5df79d894af9f4ed85be8d1281f4755761.zip |
Fix(system/services/openssh): Don't hash know hosts
The trade off between security and convenience isn't worth it.
Diffstat (limited to '')
-rw-r--r-- | home-manager/config/ssh/default.nix | 8 |
1 files changed, 2 insertions, 6 deletions
diff --git a/home-manager/config/ssh/default.nix b/home-manager/config/ssh/default.nix index 31784050..8e0820cf 100644 --- a/home-manager/config/ssh/default.nix +++ b/home-manager/config/ssh/default.nix @@ -1,12 +1,8 @@ -{ - config, - pkgs, - ... -}: { +{config, ...}: { programs.ssh = { enable = true; compression = true; - hashKnownHosts = true; + hashKnownHosts = false; serverAliveInterval = 240; userKnownHostsFile = "${config.xdg.dataHome}/ssh/know_hosts"; }; |