| 16 Oct 2023 |
l0b0 | OIC, ${serverName}.wait_for_unit(service_name) doesn't wait long enough, so the next line just never talks to ssh-audit. | 06:22:36 |
l0b0 | I think I might still need the sleep(5) then. | 06:23:00 |
Artturin | hm yeah it just waits for active | 06:23:19 |
l0b0 | Because there's just no way to check that the port is open without shutting down ssh-audit. | 06:23:28 |
l0b0 | Yay, it worked! This is something I've been hoping to be able to do for years. Thank you, Artturin! | 07:05:48 |
Artturin | l0b0: That test looks like it could be added to nixpkgs | 07:45:32 |
Artturin | and added to the package | 07:46:15 |
Artturin | * and added to the package's passthru.tests | 07:46:22 |
Artturin | hmm well there's your ssh-server.nix and ssh-client.nix | 07:47:28 |
Artturin | well if you can think of a way I'm sure it would be useful | 07:47:48 |
Artturin | Not exactly sure what it's testing | 07:48:10 |
l0b0 | It's checking that my configuration conforms to best practices as recommended by ssh-audit. I'm no SSH/security expert, but at least some of the recommendations make sense. | 07:49:19 |
l0b0 | It might be useful as a demo for what could be considered a secure configuration (at least by some segment of users) "right now", rather than just using the OpenSSH defaults like NixOS does. | 07:50:41 |
l0b0 | Just waiting for a giant 23.05 upgrade (for some reason), will have a look afterwards. | 07:51:16 |
l0b0 | * It's checking that my configuration conforms to best practices as recommended by ssh-audit. I'm no SSH/security expert, but at least some of the recommendations (like not allowing SHA-1 algos) make sense. | 07:51:46 |
Artturin | In reply to @vengmark2:matrix.org ("Just waiting for a giant 23.05 upgrade (for some reason), will have a look afterwards."): staging-next-23.05 was merged a few days ago with security fixes (curl etc) | 07:53:54 |
l0b0 | https://github.com/NixOS/nixpkgs/pull/261356 - a bit quick, but I gotta sleep. | 08:57:20 |
| 18 Oct 2023 |
| Alex S changed their display name from ultra (NixOS integrated with PackageKit wen) to Alex S. | 10:00:58 |
| 23 Oct 2023 |
raitobezarius | I'm adopting https://github.com/NixOS/nixpkgs/pull/157161/files | 12:48:35 |
raitobezarius | to try to get it in sync with the timeout PR | 12:48:43 |