11ec95b779
Harden sshd configuration by adding KexAlgorithms, Ciphers and MACs for sshd, following good pratices on https://infosec.mozilla.org/guidelines/openssh Change-Id: I3051320d867a5033e82deef10c5e723ca9829884 Co-Authored-By: Nicolas Hicher <nhicher@redhat.com>
7 lines
368 B
YAML
7 lines
368 B
YAML
---
|
|
security:
|
|
- a new post-install script was added in openssh-server element to ensure
|
|
KexAlgorithms, Ciphers and MACs for sshd_config will be configured following
|
|
good pratices on https://infosec.mozilla.org/guidelines/openssh. This option
|
|
is activated by default, users can set DIB_OPENSSH_SERVER_HARDENING to 0 to
|
|
disable this sshd configuration
|