diff --git a/debian/control b/debian/control index 99871c4..ecf129e 100644 --- a/debian/control +++ b/debian/control @@ -119,6 +119,9 @@ Description: enhances misc security settings . * The kernel panics on oopses to prevent it from continuing to run a flawed process and to deter brute forcing. + . + * Restricts the SysRq key so it can only be used for shutdowns and the + Secure Attention Key. . * Restricts loading line disciplines to CAP_SYS_MODULE. . diff --git a/etc/sysctl.d/30_security-misc.conf b/etc/sysctl.d/30_security-misc.conf index 8305bd1..846670e 100644 --- a/etc/sysctl.d/30_security-misc.conf +++ b/etc/sysctl.d/30_security-misc.conf @@ -119,6 +119,13 @@ net.ipv4.tcp_timestamps=0 #### meta end + +## Only allow the SysRq key to be used for shutdowns and the +## Secure Attention Key (SAK). +## +## https://forums.whonix.org/t/sysrq-magic-sysrq-key/8079/ +kernel.sysrq=132 + ## Restrict loading line disciplines to CAP_SYS_MODULE to prevent ## unprivileged attackers from loading vulnerable line disciplines ## with the TIOCSETD ioctl to exploit them.
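Review bot: In the debian/control hunk, the new bullet describes the allowed functions only as "shutdowns and the Secure Attention Key", which does not tell a reader of the package description which setting enforces this. Suggest naming the sysctl in the bullet, for example "Restricts the SysRq key (kernel.sysrq=132) so it can only be used for ...", so the description can be checked against etc/sysctl.d/30_security-misc.conf. The wording should also match the comment added in that file, so the two do not drift apart when the value changes.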
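Review bot: In the etc/sysctl.d/30_security-misc.conf hunk, the comment above kernel.sysrq=132 does not explain how 132 is derived, so a later reader cannot verify the value against the stated intent. kernel.sysrq is a bitmask, and 132 is 4 (keyboard control: SAK and unraw) plus 128 (reboot/poweroff); suggest adding a comment line such as "## 132 = 4 (SAK, unraw) + 128 (reboot/poweroff)". Note that bit 4 also enables unraw, which the current comment ("shutdowns and the Secure Attention Key (SAK)") does not mention, so either list it or state that it is an accepted side effect.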