pyrox.dev / nix
My Nix Configuration
fork atom
nix / nixosModules / default-config / programs / ssh.nix
at c6ae7e9ad34c0d62a738c5bb92c48564face2dc8 896 B view raw
1{ 2 programs.ssh = { 3 ciphers = [ 4 "chacha20-poly1305@openssh.com" 5 "aes256-gcm@openssh.com" 6 "aes128-gcm@openssh.com" 7 "aes256-ctr" 8 "aes192-ctr" 9 "aes128-ctr" 10 ]; 11 macs = [ 12 "umac-128-etm@openssh.com" 13 "hmac-sha2-256-etm@openssh.com" 14 "hmac-sha2-512-etm@openssh.com" 15 ]; 16 kexAlgorithms = [ 17 # Experimental, disabled for now. 18 # "sntrup761x25519-sha512@openssh.com" 19 "curve25519-sha256" 20 "curve25519-sha256@libssh.org" 21 # Disabled for being 2048-bit 22 # "diffie-hellman-group-exchange-sha256" 23 ]; 24 hostKeyAlgorithms = [ 25 "ssh-ed25519-cert-v01@openssh.com" 26 "sk-ssh-ed25519-cert-v01@openssh.com" 27 "rsa-sha2-512-cert-v01@openssh.com" 28 "rsa-sha2-256-cert-v01@openssh.com" 29 "ssh-ed25519" 30 "sk-ssh-ed25519@openssh.com" 31 "rsa-sha2-512" 32 "rsa-sha2-256" 33 ]; 34 }; 35}