From 869c2c597848a29afc2a5610cd402fef46f45c05 Mon Sep 17 00:00:00 2001
From: L-Nafaryus <l.nafaryus@gmail.com>
Date: Fri, 9 Feb 2024 19:14:20 +0500
Subject: [PATCH] catarina: restict ssh kbd interactive auth

---
 nixosConfigurations/astora/default.nix    | 1 +
 nixosConfigurations/catarina/default.nix  | 1 +
 nixosConfigurations/catarina/hardware.nix | 2 +-
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/nixosConfigurations/astora/default.nix b/nixosConfigurations/astora/default.nix
index 15b3b3f..d97810d 100644
--- a/nixosConfigurations/astora/default.nix
+++ b/nixosConfigurations/astora/default.nix
@@ -67,6 +67,7 @@
         enable = true;
         startWhenNeeded = true;
         settings.PasswordAuthentication = false;
+        settings.KbdInteractiveAuthentication = false;
     };
 
     services.udev = {
diff --git a/nixosConfigurations/catarina/default.nix b/nixosConfigurations/catarina/default.nix
index a2c4fd4..fb79661 100644
--- a/nixosConfigurations/catarina/default.nix
+++ b/nixosConfigurations/catarina/default.nix
@@ -66,6 +66,7 @@ rec {
         enable = true;
         startWhenNeeded = true;
         settings.PasswordAuthentication = false;
+        settings.KbdInteractiveAuthentication = false;
     };
 
     services.udev = {
diff --git a/nixosConfigurations/catarina/hardware.nix b/nixosConfigurations/catarina/hardware.nix
index f3a6a44..06a6445 100644
--- a/nixosConfigurations/catarina/hardware.nix
+++ b/nixosConfigurations/catarina/hardware.nix
@@ -109,7 +109,7 @@
 
         firewall = {
             enable = true;
-            allowedTCPPorts = [ 80 443 3001 25600 ];
+            allowedTCPPorts = [ 80 443 3001 25600 8080 ];
         };
 
         interfaces.enp9s0.ipv4.addresses = [ {