Removed nonexistent option fron openssh config. Whitelist localhost in fail2ban.

This commit is contained in:
Kevin Baensch 2019-03-25 01:41:26 +01:00
parent 31aa2297a4
commit f6aed0e2a1
2 changed files with 1 additions and 1 deletions

View file

@ -9,6 +9,7 @@ mkIf (elem "fail2ban" config.machine.services) {
jails = { jails = {
DEFAULT = '' DEFAULT = ''
bantime = 3600 bantime = 3600
ignoreip = 127.0.0.1
logpath = /var/log/auth.log logpath = /var/log/auth.log
''; '';

View file

@ -17,7 +17,6 @@ mkIf (elem "openssh" config.machine.services) {
permitRootLogin = "no"; permitRootLogin = "no";
extraConfig = '' extraConfig = ''
UsePAM no UsePAM no
UseRoaming no
AllowUsers derped git nix-ssh AllowUsers derped git nix-ssh
UsePrivilegeSeparation sandbox UsePrivilegeSeparation sandbox
LogLevel VERBOSE LogLevel VERBOSE