mirror of
https://github.com/ovh/debian-cis.git
synced 2025-06-21 18:23:42 +02:00
9.2.1_enable_cracklib.sh 9.2.2_enable_lockout_failed_password.sh 9.2.3_limit_password_reuse.sh 9.3.10_disable_sshd_setenv.sh 9.3.11_sshd_ciphers.sh 9.3.12_sshd_idle_timeout.sh 9.3.13_sshd_limit_access.sh 9.3.14_ssh_banner.sh 9.3.2_sshd_loglevel.sh 9.3.1_sshd_protocol.sh 9.3.3_sshd_conf_perm_ownership.sh 9.3.4_disable_x11_forwarding.sh 9.3.5_sshd_maxauthtries.sh 9.3.6_enable_sshd_ignorerhosts.sh 9.3.7_disable_sshd_hostbasedauthentication.sh 9.3.8_disable_root_login.sh 9.3.9_disable_sshd_permitemptypasswords.sh
This commit is contained in:
2
etc/conf.d/9.2.1_enable_cracklib.cfg
Normal file
2
etc/conf.d/9.2.1_enable_cracklib.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
2
etc/conf.d/9.2.2_enable_lockout_failed_password.cfg
Normal file
2
etc/conf.d/9.2.2_enable_lockout_failed_password.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
2
etc/conf.d/9.2.3_limit_password_reuse.cfg
Normal file
2
etc/conf.d/9.2.3_limit_password_reuse.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
2
etc/conf.d/9.3.10_disable_sshd_setenv.cfg
Normal file
2
etc/conf.d/9.3.10_disable_sshd_setenv.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
2
etc/conf.d/9.3.11_sshd_ciphers.cfg
Normal file
2
etc/conf.d/9.3.11_sshd_ciphers.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
5
etc/conf.d/9.3.12_sshd_idle_timeout.cfg
Normal file
5
etc/conf.d/9.3.12_sshd_idle_timeout.cfg
Normal file
@ -0,0 +1,5 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
||||
# In seconds, value of ClientAliveInterval, ClientAliveCountMax bedoing set to 0
|
||||
# Settles sshd idle timeout
|
||||
SSHD_TIMEOUT=900
|
9
etc/conf.d/9.3.13_sshd_limit_access.cfg
Normal file
9
etc/conf.d/9.3.13_sshd_limit_access.cfg
Normal file
@ -0,0 +1,9 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
||||
|
||||
# Put here ssh user hardening list, there is a default in script to not break your configuration
|
||||
# However, it can erase current configuration
|
||||
ALLOWED_USERS=''
|
||||
ALLOWED_GROUPS=''
|
||||
DENIED_USERS=''
|
||||
DENIED_GROUPS=''
|
4
etc/conf.d/9.3.14_ssh_banner.cfg
Normal file
4
etc/conf.d/9.3.14_ssh_banner.cfg
Normal file
@ -0,0 +1,4 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
||||
# Put here banner file, default to /etc/issue.net
|
||||
BANNER_FILE=""
|
2
etc/conf.d/9.3.1_sshd_protocol.cfg
Normal file
2
etc/conf.d/9.3.1_sshd_protocol.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
2
etc/conf.d/9.3.2_sshd_loglevel.cfg
Normal file
2
etc/conf.d/9.3.2_sshd_loglevel.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
2
etc/conf.d/9.3.3_sshd_conf_perm_ownership.cfg
Normal file
2
etc/conf.d/9.3.3_sshd_conf_perm_ownership.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
2
etc/conf.d/9.3.4_disable_x11_forwarding.cfg
Normal file
2
etc/conf.d/9.3.4_disable_x11_forwarding.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
2
etc/conf.d/9.3.5_sshd_maxauthtries.cfg
Normal file
2
etc/conf.d/9.3.5_sshd_maxauthtries.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
2
etc/conf.d/9.3.6_enable_sshd_ignorerhosts.cfg
Normal file
2
etc/conf.d/9.3.6_enable_sshd_ignorerhosts.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
2
etc/conf.d/9.3.8_disable_root_login.cfg
Normal file
2
etc/conf.d/9.3.8_disable_root_login.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
2
etc/conf.d/9.3.9_disable_sshd_permitemptypasswords.cfg
Normal file
2
etc/conf.d/9.3.9_disable_sshd_permitemptypasswords.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# Configuration for script of same name
|
||||
status=enabled
|
Reference in New Issue
Block a user