mrfixit2001
commented
5 years ago ayufan: thank you for pointing these out! They are fixed in the next release, will leave open until I can get that pushed
Closed ayufan closed 4 years ago
mrfixit2001
commented
5 years ago ayufan: thank you for pointing these out! They are fixed in the next release, will leave open until I can get that pushed
ayufan
commented
5 years ago Yes, but how you ensure that there are fixed in any future release? :)
Do you have checklist of items to validate before pushing images?
mrfixit2001
commented
5 years ago Yes :) And I have added the ssh clear and regen into the boot script to run only on first boot.
mrfixit2001
commented
4 years ago Resolved in latest release
It seems that images do ship a number of data that should not be part of:
/var/logfiles.At least the 1. can be considered a security issue and bad practice: https://missingm.co/2013/07/identical-droplets-in-the-digitalocean-regenerate-your-ubuntu-ssh-host-keys-now/ and https://blog.digitalocean.com/avoid-duplicate-ssh-host-keys/.
I also wonder if images were trimmed.