diff --git a/components/network/sshd/default.nix b/components/network/sshd/default.nix
index 1e8606e..0eb8395 100644
--- a/components/network/sshd/default.nix
+++ b/components/network/sshd/default.nix
@@ -57,6 +57,11 @@ in
         enable = true;
         settings.X11Forwarding = false;
         settings.PasswordAuthentication = false;
+
+        # We might want to remove this once, openssh is fixed everywhere:
+        # Workaround for CVE-2024-6387 and CVE-2024-6409
+        # https://github.com/NixOS/nixpkgs/pull/323753#issuecomment-2199762128
+        settings.LoginGraceTime = 0;
       };
 
       users.users.root.openssh.authorizedKeys.keyFiles = cfg.rootKeyFiles ++ defaultRootKeyFiles;