View Issue Details

IDProjectCategoryView StatusLast Update
0000003Seda's EnhancementsSecurity/Permissionspublic2024-04-18 01:40
ReporterSeda Assigned ToSeda  
Status resolvedResolutionfixed 
Product VersionSE2024 
Target VersionSE2025Fixed in VersionSE2025 
Summary0000003: SSH Hardening
DescriptionThe conventions that SSH are hardened against are based on guidelines from 2015 (!). Although SE sticks with upstream defaults as much as possible (to allow for smooth upgrades), this is almost certainly not ideal.

Need to move to the most up-to-date security standard in SSH possible, keys, methods, etc. Password login was already disabled for most, but there is far more too it than that.
Steps To ReproduceN/A
TagsNo tags attached.


child of 0000002 assignedSeda Harden Security of Default Configuration 



2024-04-06 18:29

administrator   ~0000004

A new script designed to make it easier to deploy a partially hardened configuration is now available. This is designed to be as minimalist as possible, to allow for upstream changes by Debian maintainers to replace this configuration with the Trixie update.

This is not considered resolved to my satisfaction yet.


2024-04-18 01:40

administrator   ~0000005

A new configuration has been deployed and is integrated in the SE upgrade/install script. This will roll out gradually to users over the next year. The configuration is designed to revert to the default Debian maintainer version with the release of Debian 13 "Trixie" as Stable.

This is therefore marked as fixed in SE2025, although most of it is available now.

Issue History

Date Modified Username Field Change
2024-04-06 16:17 Seda New Issue
2024-04-06 16:17 Seda Status new => assigned
2024-04-06 16:17 Seda Assigned To => Seda
2024-04-06 16:17 Seda Relationship added child of 0000002
2024-04-06 18:29 Seda Note Added: 0000004
2024-04-18 01:40 Seda Status assigned => resolved
2024-04-18 01:40 Seda Resolution open => fixed
2024-04-18 01:40 Seda Fixed in Version => SE2025
2024-04-18 01:40 Seda Note Added: 0000005