moritz/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

fix: openssh CVE-2024-6387

Browse source
This commit is contained in:
Moritz Böhme 2024-07-01 21:39:05 +02:00
parent 72def5c785
commit 189036f2c8
No known key found for this signature in database
GPG key ID: 970C6E89EB0547A9
2 changed files with 5 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
modules/security/default.nix
View file

@ -1,5 +1,6 @@
{ config
, lib
, pkgs
, ...
}: {
## System security tweaks
@ -69,6 +70,7 @@
# SSH
services.openssh = {
package = pkgs.master.openssh; # HACK: to fix CVE-2024-6387
settings = {
# Disable ssh password login
PasswordAuthentication = lib.mkDefault false;