|
|
33cdcc9ad1
|
roles/common: Add a few SHA-2 MACs to sshd_config
Fixes a problem with Paramiko, which Ansible uses for transport.
See: http://www.paramiko.org/changelog.html#1.16.0
See: https://github.com/ilri/rmg-ansible-public/issues/37
|
2016-08-16 14:24:53 +03:00 |
|
|
|
973b37be4e
|
roles/common: Tweak sshd_config to match NSA Suite B recommendations
NSA stopped recommending AES-128 in August, 2015...
Before: https://web.archive.org/web/20150403110658/https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
After: https://web.archive.org/web/20150815072948/https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
I don't see why we shouldn't follow suit; maybe they know something
we don't!
Signed-off-by: Alan Orth <alan.orth@gmail.com>
|
2015-09-02 16:55:51 +03:00 |
|
|
|
8b336352d7
|
roles/common: Only allow ssh access by provisioning user
Signed-off-by: Alan Orth <alan.orth@gmail.com>
|
2015-09-02 12:24:11 +03:00 |
|
|
|
96fe209843
|
roles/common: Fix mode on Debian 8 sshd_config
Accidentally added it with 777.
Signed-off-by: Alan Orth <alan.orth@gmail.com>
|
2015-08-23 00:02:39 +03:00 |
|
|
|
7519995153
|
roles/common: Add Debian 8 sshd_config
Signed-off-by: Alan Orth <alan.orth@gmail.com>
|
2015-08-23 00:02:39 +03:00 |
|
