Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: ssh config hardening #101

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Conversation

kevbarns
Copy link
Contributor

@kevbarns kevbarns commented Dec 2, 2024

Recommend source from audit : https://www.sshaudit.com/hardening_guides.html#ubuntu_22_04_lts

SSH Keys generation was skip as ed25519 keys are already present on server, is it needed ? cc @moroine @antoinebigard

Re-generate the RSA and ED25519 keys
rm /etc/ssh/ssh_host_*
ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ""
ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""

Enable the ED25519 and RSA keys
Enable the ED25519 and RSA HostKey directives in the /etc/ssh/sshd_config file:
echo -e "\nHostKey /etc/ssh/ssh_host_ed25519_key\nHostKey /etc/ssh/ssh_host_rsa_key" >> /etc/ssh/sshd_config

@kevbarns kevbarns self-assigned this Dec 2, 2024
@kevbarns kevbarns added the enhancement New feature or request label Dec 2, 2024
@kevbarns kevbarns requested review from moroine, antoinebigard and Pomarom and removed request for moroine December 2, 2024 14:45
@kevbarns
Copy link
Contributor Author

kevbarns commented Dec 4, 2024

A tester en sandbox ⚠️

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants