Added mailserver submodule; OpenSSH now logs sftp access.

This commit is contained in:
Kevin Baensch 2019-02-26 14:10:58 +01:00
parent 9003080a64
commit 764f126524
3 changed files with 8 additions and 0 deletions

3
.gitmodules vendored Normal file
View file

@ -0,0 +1,3 @@
[submodule "services/mailserver"]
path = services/mailserver
url = ssh://git@git.ophanim.de/derped/nixos-mailserver.git

1
services/mailserver Submodule

@ -0,0 +1 @@
Subproject commit 2c59de8dcba6ec7ca386391cb139b06e40450bdd

View file

@ -1,8 +1,12 @@
{ config, lib, pkgs, ... }:
# For reference:
# https://infosec.mozilla.org/guidelines/openssh.html
# https://stribika.github.io/2015/01/04/secure-secure-shell.html
{
services.openssh = {
enable = true;
sftpFlags = [ "-f AUTHPRIV" "-l INFO" ];
startWhenNeeded = true;
challengeResponseAuthentication = false;
passwordAuthentication = false;