-
An exemplary config you can probably just copy can be found here: https://github.com/dr460nf1r3/dr460nixed/blob/main/nixos/modules/hardening.nix#L126
This applies all suggestions from [ssh-audit](h…
-
### Description
As title say.
### Reproduction steps
```Shell
# molecule check -s ssh_hardening
WARNING Driver docker does not provide a schema.
INFO ssh_hardening scenario test matrix: depe…
-
### Description
Running os_hardening again Ubuntu 24.04 (on Pi5).
### Reproduction steps
```Shell
...
Run a playbook much like this:
- name: "Roles which apply to all hosts."
hosts:
…
-
- [x] fail2ban?
- [ ] config hardening? See https://infosec.mozilla.org/guidelines/openssh or https://www.sshaudit.com/hardening_guides.html
-
**Is your feature request related to a problem? Please describe.**
I run the ssh role from [dev-sec/ansible-collection-hardening](https://github.com/dev-sec/ansible-collection-hardening/) on an…
-
Thank you for all the effort put into `goss`, and for making it open source.
Context: We currently use `chef-zero` and `inspec` and are looking to migrate to `salt` and `goss` as we migrate we thou…
-
Maybe following CIS guidelines to thing about:
CIS - 9.3.1 Set SSH Protocol to 2
CIS - 9.3.2 Set LogLevel to INFO
CIS - 9.3.3 Set Permissions on /etc/ssh/sshd_config
CIS - 9.3.(4,7,8,9,10) Disab…
-
### Description
I have installed latest ansible. I am running Python 2.7. Ansible is installed using pip.
This is my playbook:
```
- hosts: newhardenings
become: true
gather_facts: tru…
-
### Description
It would be nice to have support for Alpine Linux in the various parts of this collection. In particular I'm interested in the SSH hardening part. Better security automation for a pop…
-
**Describe the bug**
SSH hardening regressed on Amazon Linux 1, no package `policycoreutils-python-utils` exists.
**Expected behavior**
Cookbook completes w/o error.
**Actual behavior**
```…