View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000003 | Seda's Enhancements | Security/Permissions | public | 2024-04-06 16:17 | 2024-04-18 01:40 |
Reporter | Seda | Assigned To | Seda | ||
Priority | immediate | Severity | major | Reproducibility | always |
Status | resolved | Resolution | fixed | ||
Product Version | SE2024 | ||||
Target Version | SE2025 | Fixed in Version | SE2025 | ||
Summary | 0000003: SSH Hardening | ||||
Description | The conventions that SSH are hardened against are based on guidelines from 2015 (!). Although SE sticks with upstream defaults as much as possible (to allow for smooth upgrades), this is almost certainly not ideal. Need to move to the most up-to-date security standard in SSH possible, keys, methods, etc. Password login was already disabled for most, but there is far more too it than that. | ||||
Steps To Reproduce | N/A | ||||
Tags | No tags attached. | ||||
|
A new script designed to make it easier to deploy a partially hardened configuration is now available. This is designed to be as minimalist as possible, to allow for upstream changes by Debian maintainers to replace this configuration with the Trixie update. This is not considered resolved to my satisfaction yet. |
|
A new configuration has been deployed and is integrated in the SE upgrade/install script. This will roll out gradually to users over the next year. The configuration is designed to revert to the default Debian maintainer version with the release of Debian 13 "Trixie" as Stable. This is therefore marked as fixed in SE2025, although most of it is available now. |
Date Modified | Username | Field | Change |
---|---|---|---|
2024-04-06 16:17 | Seda | New Issue | |
2024-04-06 16:17 | Seda | Status | new => assigned |
2024-04-06 16:17 | Seda | Assigned To | => Seda |
2024-04-06 16:17 | Seda | Relationship added | child of 0000002 |
2024-04-06 18:29 | Seda | Note Added: 0000004 | |
2024-04-18 01:40 | Seda | Status | assigned => resolved |
2024-04-18 01:40 | Seda | Resolution | open => fixed |
2024-04-18 01:40 | Seda | Fixed in Version | => SE2025 |
2024-04-18 01:40 | Seda | Note Added: 0000005 |