Port common SSH config from extension
This commit is contained in:
parent
cc13cabad5
commit
e01c454d68
GPG key ID:
C72403E7F82E6AD8
|
|
@ -274,8 +274,8 @@ in
|
||||||
".mypy_cache"
|
".mypy_cache"
|
||||||
];
|
];
|
||||||
lfs.enable = true;
|
lfs.enable = true;
|
||||||
userEmail = "geoffrey@frogeye.fr";
|
userEmail = lib.mkDefault "geoffrey@frogeye.fr";
|
||||||
userName = "Geoffrey “Frogeye” Preud'homme";
|
userName = lib.mkDefault "Geoffrey Frogeye";
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
core = {
|
core = {
|
||||||
editor = "nvim";
|
editor = "nvim";
|
||||||
|
|
|
||||||
24
hm/ssh.nix
Normal file
24
hm/ssh.nix
Normal file
|
|
@ -0,0 +1,24 @@
|
||||||
|
{ ... }:
|
||||||
|
{
|
||||||
|
config = {
|
||||||
|
programs.ssh = {
|
||||||
|
enable = true;
|
||||||
|
controlMaster = "auto";
|
||||||
|
controlPersist = "60s"; # TODO Default is 10minutes... makes more sense no?
|
||||||
|
# Ping the server frequently enough so it doesn't think we left (non-spoofable)
|
||||||
|
serverAliveInterval = 30;
|
||||||
|
matchBlocks."*" = {
|
||||||
|
# Do not forward the agent (-A) to a machine by default,
|
||||||
|
# as it is kinda a security concern
|
||||||
|
forwardAgent = false;
|
||||||
|
# Restrict terminal features (servers don't necessarily have the terminfo for my cutting edge terminal)
|
||||||
|
sendEnv = [ "!TERM" ];
|
||||||
|
# TODO Why not TERM=xterm-256color?
|
||||||
|
extraOptions = {
|
||||||
|
# Check SSHFP records
|
||||||
|
VerifyHostKeyDNS = "yes";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue