-
**Describe the bug**
After applying devsec.hardening.os_hardening role with the default settings the /usr/libexec/pcp/bin/pmlogger_daily command (and pmlogger_daily.service) fails. pmlogger_daily is…
-
**Is your feature request related to a problem? Please describe.**
Currently we have two variables that control the motd:
```
ssh_print_motd
Default: false
Description: false to disab…
-
deploying and m5.large with an encrypted and non encrypted volume then rebooting the system cause the mountpoint to get swapped with the volume attaching point
```
[nix-shell:~/src/nixos-hardening…
-
while hardening my authorized_keys to known DNS Names and IPv4/IPv6 addresses, i found a hwoto on [ University of Cambridge - Computer Laboratory: Using SSH to connect to the Lab](http://www.cl.cam.ac…
-
The current approach to select Cipher/Kex/MAC based on the distribution name and the OS release is not very good. It does not account for
- OS release's default version and running version getting out…
-
I have a Nextbox set up with deSEC dynDNS. I can easily SSH to it on the local network, using the SSH key provided in the nitrokey app.
Is there an easy way to SSH to the nextbox from outside the loc…
-
Hello. Firstly the script asked me to enter an SSH key of my local workstation. I had no idea what to enter and where to get that SSH key. Would be nice to have more info on this.
I skipped this and …
-
@DavidBeavan and I have seen intermittent issues with SSH into VMs. We _hope_ we've fixed this by upgrading to the devsec.hardening collection. But leaving this issue here to track error messages if i…
-
> Apologizes for not digging in more to see if I couldn't answer more of these myself, but asking this more to get opinions on how practical it is...
How much of the chef based hardening should or s…
-