47 lines
No EOL
1.8 KiB
Nix
47 lines
No EOL
1.8 KiB
Nix
{ config, pkgs, ... }: {
|
|
services.openssh = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
settings = {
|
|
LogLevel = "VERBOSE"; # Used for fail2ban monitoring
|
|
PermitRootLogin = "no";
|
|
PasswordAuthentication = true; # Set this to false when keys are configured
|
|
};
|
|
banner = ''
|
|
You are accessing a U.S. Government (USG) Information
|
|
System (IS) that is provided for USG-authorized use only.
|
|
|
|
By using this IS (which includes any device attached to
|
|
this IS), you consent to the following conditions:
|
|
|
|
- The USG routinely intercepts and monitors communications
|
|
on this IS for purposes including, but not limited to,
|
|
penetration testing, COMSEC monitoring, network operations
|
|
and defense, personnel misconduct (PM), law enforcement (LE),
|
|
and counterintelligence (CI) investigations.
|
|
|
|
- At any time, the USG may inspect and seize data stored on
|
|
this IS.
|
|
|
|
- Communications using, or data stored on, this IS are not
|
|
private, are subject to routine monitoring, interception,
|
|
and search, and may be disclosed or used for any USG-authorized
|
|
purpose.
|
|
|
|
- This IS includes security measures (e.g., authentication and
|
|
access controls) to protect USG interests--not for your personal
|
|
benefit or privacy.
|
|
|
|
- Notwithstanding the above, using this IS does not constitute
|
|
consent to PM, LE or CI investigative searching or monitoring
|
|
of the content of privileged communications, or work product,
|
|
related to personal representation or services by attorneys,
|
|
psychotherapists, or clergy, and their assistants. Such communications
|
|
and work product are private and confidential. See User Agreement for
|
|
details.
|
|
'';
|
|
};
|
|
|
|
# Enable GPG Agent support:
|
|
programs.gnupg.agent.enableSSHSupport = true;
|
|
} |