Disable password login via SSH in apex

Enable fail2ban in apex login node
We are seeing a lot of failed attempts from the same IPs: apex% sudo journalctl -u sshd -b0 | grep 'Failed password' | wc -l 2441
2025-11-20 15:21:14 +01:00 · 2025-11-20 15:17:06 +01:00
1 changed files with 5 additions and 0 deletions
--- a/m/apex/configuration.nix
+++ b/m/apex/configuration.nix
@ -57,6 +57,11 @@
    };
  };
  services.fail2ban.enable = true;
  # Disable SSH login with password, allow only keypair
  services.openssh.settings.PasswordAuthentication = false;
  networking.firewall = {
    extraCommands = ''
      # Blackhole BSC vulnerability scanner (OpenVAS) as it is spamming our
Author	SHA1	Message	Date
Rodrigo Arias Mallo	341551d5ba	Disable password login via SSH in apex All checks were successful CI / build:cross (pull_request) Successful in 12s Details CI / build:all (pull_request) Successful in 15s Details	2025-11-20 15:21:14 +01:00
Rodrigo Arias Mallo	2d2762d4ec	Enable fail2ban in apex login node We are seeing a lot of failed attempts from the same IPs: apex% sudo journalctl -u sshd -b0 \| grep 'Failed password' \| wc -l 2441	2025-11-20 15:17:06 +01:00