The title says it all: I tried to find out relevant options with nix option search but wasn’t able to find something that I could use. And similarly, some of the web query trials didn’t give anything relevant (or I just didn’t see it).
I’d like to add e.g. SHA_CRYPT_MIN_ROUNDS and similar MAX value into the login.defs. And add some general purpose configuration like setting the expire dates (max) and add PAM modules for password quality control etc.
Any related blog posts or sections on documentation on how to do these things with NixOs?
Late additions:
I run lynis audit system --quick
and I think that the overall score was a bit too low. Some of the suggestions that lynis gives, are probably meaningless on a single user case, or otherwise on a category of a bit naive operations. But there were a whole set of suggestions that were much more important. I’ll open another thread for it.