NixOS-Config/system/services/openssh.nix

23 lines
391 B
Nix

{
# Enable SSH
services = {
openssh = {
enable = true;
settings = {
PermitRootLogin = "no";
PrintLastLog = "no";
PasswordAuthentication = false;
UsePAM = false;
};
};
# Block nefarious SSH connections
fail2ban = {
enable = true;
maxretry = 5;
bantime = "5m";
ignoreIP = [ "10.0.0.0/24" ];
};
};
}