alanorth/ansible-personal
1
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity
9ea14de6f5
ansible-personal/roles/common/templates
History
Alan Orth 9ea14de6f5
roles/common: Remove Encrypt-and-MAC modes from Ubuntu 20.04 sshd_config 
Recommended by ssh-audit, but also generally the concensus for a few
years that Encrypt-and-MAC is hard to get right. OpenSSH has several
Encrypt-then-MAC schemes available so we can use those.

See: https://www.daemonology.net/blog/2009-06-24-encrypt-then-mac.html
2021-07-22 12:48:12 +03:00
..
etc roles/common: Remove storage-specific tweaks 2020-07-14 09:10:07 +03:00
public.xml.j2 roles/common: Add Spamhaus DROP lists to firewalld ipsets 2021-07-21 09:34:51 +03:00
rc.local_Ubuntu.j2 roles/common: Remove I/O scheduler logic from rc.local 2015-03-15 17:40:54 +03:00
security.sources.list.j2 roles/common: Update security.sources.list for cron-apt 2019-07-06 21:16:19 +03:00
sources.list.j2 roles/common: Remove buster-backports 2019-10-18 22:56:52 +03:00
sshd_config_Debian-10.j2 roles/common: Increase ssh MaxAuthTries from 3 to 4 2019-09-15 15:17:00 +03:00
sshd_config_Ubuntu-18.04.j2 roles/common: Increase ssh MaxAuthTries from 3 to 4 2019-09-15 15:17:00 +03:00
sshd_config_Ubuntu-20.04.j2 roles/common: Remove Encrypt-and-MAC modes from Ubuntu 20.04 sshd_config 2021-07-22 12:48:12 +03:00
sysctl_Debian.j2 roles/common: Add sysctl template for Debian hosts 2015-08-23 00:12:17 +03:00
sysctl_Ubuntu.j2 roles/common: Remove logic for TCP congestion avoidance on early kernels in sysctl 2015-03-15 17:25:33 +03:00
tarsnap_sources.list.j2 roles/common: Use stable tarsnap 2019-09-13 22:14:49 +03:00