Security changes...ssh/firewall
This commit is contained in:
parent
5e73c697d5
commit
977a67e2fd
1 changed files with 3 additions and 2 deletions
|
|
@ -140,7 +140,7 @@
|
|||
# And system-specific settings:
|
||||
users.users.wolcen = {
|
||||
description = "Chris Thompson";
|
||||
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEdxdKYrlwOolJpYxvWu6gW/60pzT6aKN6JHhnTSBFqN wolcen@typhoon" ];
|
||||
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEdxdKYrlwOolJpYxvWu6gW/60pzT6aKN6JHhnTSBFqN wolcen@typhoon" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTFJeOIRwEw09EhFdssRHOdb+T7o84FC+ULMQzXDewE wolcen@wolcen-ThinkPad-X220" ];
|
||||
extraGroups = [ "networkmanager" "wheel" "docker" "dialout" ];
|
||||
};
|
||||
|
||||
|
|
@ -163,7 +163,7 @@
|
|||
|
||||
# For xdebug...verify actual necessity
|
||||
# Have had to use this, but I think it can be disabled still - perhaps w/xdebug binding setting...don't know.
|
||||
networking.firewall.allowedTCPPorts = [ 9003 ];
|
||||
#networking.firewall.allowedTCPPorts = [ 9003 ];
|
||||
# Allow unfree packages
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
|
|
@ -273,6 +273,7 @@
|
|||
# Enable the OpenSSH daemon.
|
||||
services.openssh.enable = true;
|
||||
services.openssh.ports = [ 2112 ]; # must be a list...for some reason.
|
||||
services.openssh.settings.PasswordAuthentication = false;
|
||||
# Enable mobile shell (for roaming, intermittent connectivity, etc)
|
||||
programs.mosh.enable = true;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue