erwin/nixos-config
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Wiki Activity Actions

Don't forward SSH agent globally

Browse source
This commit is contained in:
Erwin Boskma 2023-01-10 08:19:13 +01:00
parent 0e9f871ed1
commit cf312afd24
Signed by: erwin
SSH key fingerprint: SHA256:CyeNoWXd3kjX2Nwu6pDxxdS7OqmPVOy0NavA/KU/ntU
1 changed files with 0 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
home-manager/modules/ssh/default.nix
View file

@ -19,7 +19,6 @@ in
"*" = { "*" = {
identityFile = if var.workSystem then horusKey else personalKey; identityFile = if var.workSystem then horusKey else personalKey;
identitiesOnly = true; identitiesOnly = true;
forwardAgent = true;
extraOptions = { extraOptions = {
Ciphers = "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr"; Ciphers = "chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr";
KexAlgorithms = "curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256"; KexAlgorithms = "curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256";
@ -48,17 +47,14 @@ in
}; };
proxy = mkIf (!var.workSystem) { proxy = mkIf (!var.workSystem) {
forwardAgent = true;
hostname = "10.0.0.251"; hostname = "10.0.0.251";
}; };
gitea = mkIf (!var.workSystem) { gitea = mkIf (!var.workSystem) {
forwardAgent = true;
hostname = "10.0.0.201"; hostname = "10.0.0.201";
}; };
drone = mkIf (!var.workSystem) { drone = mkIf (!var.workSystem) {
forwardAgent = true;
hostname = "10.0.0.202"; hostname = "10.0.0.202";
}; };