Compare commits
1 commit
| Author | SHA1 | Date | |
|---|---|---|---|
|
9650d4970a |
40
README.md
40
README.md
|
|
@ -48,35 +48,29 @@ SSH versions
|
|||
------------
|
||||
- 6.0: [_] Debian 7 "wheezy"
|
||||
- 6.5: (support for `curve25519-sha256@libssh.org`, `ssh-ed25519`, `chacha20-poly1305@openssh.com`)
|
||||
- 6.6: ✅ Ubuntu 14.04 "trusty"
|
||||
- 6.7: ✅ Debian 8 "jessie"
|
||||
- 6.6: Ubuntu 14.04 "trusty"
|
||||
- 6.7: [_] Debian 8 "jessie"
|
||||
- 7.0:
|
||||
- 7.1:
|
||||
- 7.2: ✅ Ubuntu 16.04 "xenial"
|
||||
- 7.4: ✅ Debian 9 "stretch", ✅ RedHat 7 - (added `curve25519-sha256`)
|
||||
- 7.6: ✅ Ubuntu 18.04 "bionic"
|
||||
- 7.2: Ubuntu 16.04 "xenial"
|
||||
- 7.4: Debian 9 "stretch", RedHat 7 - (added `curve25519-sha256`)
|
||||
- 7.6: Ubuntu 18.04 "bionic"
|
||||
- 7.7:
|
||||
- 7.8:
|
||||
- 7.9: ✅ Debian 10 "buster"
|
||||
- 8.0: ✅ RedHat 8
|
||||
- 8.1: ✅ Suse 15.2
|
||||
- 8.2: ✅ Ubuntu 20.04 "focal"
|
||||
- 7.9: Debian 10 "buster"
|
||||
- 8.0: RedHat 8
|
||||
- 8.1: Suse 15.2
|
||||
- 8.2: Ubuntu 20.04 "focal"
|
||||
- 8.3:
|
||||
- 8.4: ✅ Alpine 3.13, ✅ Debian 11 "bullseye", ✅ Fedora 33, ✅ OpenSUSE 15.3/15.4
|
||||
- 8.4: Alpine 3.13, Debian 11 "bullseye", Fedora 33, OpenSUSE 15.3/15.4
|
||||
- 8.5: (added `sntrup761x25519-sha512@openssh.com`)
|
||||
- 8.6: ✅ Alpine 3.14, ✅ Fedora 34
|
||||
- 8.7: ✅ Fedora 35
|
||||
- 8.8: ✅ Alpine 3.15, ✅ Fedora 36, ✅ Fedora 37
|
||||
- 8.9: ✅ Ubuntu 22.04 "jammy"
|
||||
- 9.0: ✅ Alpine 3.16, ✅ Fedora 38, ✅ Ubuntu 22.10 "kinetic", ✅ Ubuntu 23.04 "lunar"
|
||||
- 9.1: ✅ Alpine 3.17
|
||||
- 9.2: ✅ Debian 12 "bookworm"
|
||||
- 9.3: ✅ Alpine 3.18, ✅ Fedora 39, ✅ Ubuntu 23.10 "mantic"
|
||||
- 9.4:
|
||||
- 9.5:
|
||||
- 9.6: ✅ Alpine 3.19, Fedora 40, Ubuntu 24.04 "noble"
|
||||
- 9.7: ✅ Alpine 3.20
|
||||
- 9.8: Archlinux, ✅ Voidlinux
|
||||
- 8.6: Alpine 3.14, Fedora 34
|
||||
- 8.7: Fedora 35
|
||||
- 8.8: Alpine 3.15, Fedora 36, Fedora 37
|
||||
- 8.9: Ubuntu 22.04 "jammy"
|
||||
- 9.0: Alpine 3.16, Ubuntu 22.10 "kinetic"
|
||||
- 9.1: Alpine 3.17
|
||||
- 9.2: Archlinux, Voidlinux, (Debian 12 "bookworm")
|
||||
|
||||
License
|
||||
-------
|
||||
|
|
|
|||
|
|
@ -62,13 +62,6 @@
|
|||
notify: Restart SSH
|
||||
|
||||
|
||||
- name: "Ensure ED25519 hostkey is available"
|
||||
openssh_keypair:
|
||||
path: /etc/ssh/ssh_host_ed25519_key
|
||||
type: ed25519
|
||||
when: '"ed25519" in ssh_hardening_hostkeys'
|
||||
|
||||
|
||||
- name: "Renew RSA hostkeys if too short"
|
||||
openssh_keypair:
|
||||
path: /etc/ssh/ssh_host_rsa_key
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: Check for Include directory
|
||||
shell: "awk '/^[^#]*Include/ { print $2; }' /etc/ssh/sshd_config"
|
||||
shell: "awk '/Include/ { print $2; }' /etc/ssh/sshd_config"
|
||||
changed_when: False
|
||||
register: ssh_hardening_includedir
|
||||
|
||||
|
|
|
|||
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
ssh_hardening_root_group: wheel
|
||||
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
---
|
||||
ssh_hardening_root_group: wheel
|
||||
|
||||
ssh_hardening_moduli: /etc/moduli
|
||||
ssh_hardening_moduli_backup: /etc/moduli.not-hardened
|
||||
|
||||
|
|
@ -1 +0,0 @@
|
|||
ssh_6.6.yml
|
||||
Loading…
Reference in a new issue