-
When we harden the OS via content, some services may either not work, or have degraded functionality. This may be tracked by looking at their journal logs before vs after hardening, ideally on boot (a…
comps updated
5 months ago
-
**Describe the bug**
SSH hardening regressed on Amazon Linux 1, no package `policycoreutils-python-utils` exists.
**Expected behavior**
Cookbook completes w/o error.
**Actual behavior**
```…
-
**Describe the bug**
The parameter os_auth_pw_remember has no effect on Ubuntu/Debian as far as I can tell, but this is not documented anywhere.
**Expected behavior**
os_auth_pw_remember should c…
-
https://github.com/dev-sec/ansible-ssh-hardening
https://github.com/dev-sec/ansible-os-hardening
I need to look through these Ansible roles and see if they are a suitable replacement. I have not look…
-
It would be handy if it would be possible to define test parameters for a test as a part of a test name.
Example how it could look like:
```
discover:
test:
- /my/test/foo?PARAM1=bar&PARAM2…
-
Are there any additional steps users can take to extra harden their nextox that are not enabled by default? Should there be a list of such possible hardening measures? There are at least a few nextclo…
-
### The problem you're addressing (if any)
Qubes OS is marketed as "a reasonably secure operating system", leading users to expect comprehensive security hardening across all aspects of the system.…
-
**Describe the bug**
The subject option has been deprecated since OpenSSH 7.5 (https://www.openssh.com/txt/release-7.5), hence the check shall be conditional.
**Expected behavior**
No error
**…
-
### Description
The `hardeningDisable` argument to `stdenv.mkDerivation` should also be able to be used as an environment variable. This is according to the official [documentation](https://nixos.…
-
### Description
We are setting a maximum password age in `/etc/login.defs`. This automatically applies to all created users and also affects users without a password, eg. when creating a user to use …