config

History

Andy Ning b91d206f56 Remove sha1 based kex algorithms This patch hardened server configuration including removing sha1 based kex algorithms from the manifest template that puppet uses to generate the configuration file sshd_config. It also removed hardcoded sshd_config and ssh_config from repo, replaced them with patches to openssh that harden both server and client configuration. This is particularly to address the requirements that the system should be hardened from the very first boot up (before it is configured by manifest apply) It also removed old obsolete patch files in openssh directory to avoid confusions. Change-Id: Ic34bebfd88f46cade3596d920a00311f9aa5980f Signed-off-by: Andy Ning <andy.ning@windriver.com>	2018-06-28 22:07:37 -04:00
..
centos	StarlingX open source release updates	2018-05-31 07:35:52 -07:00
src	Remove sha1 based kex algorithms	2018-06-28 22:07:37 -04:00

Andy Ning b91d206f56 Remove sha1 based kex algorithms

This patch hardened server configuration including removing sha1 based
kex algorithms from the manifest template that puppet uses to generate
the configuration file sshd_config.

It also removed hardcoded sshd_config and ssh_config from repo, replaced
them with patches to openssh that harden both server and client
configuration.
This is particularly to address the requirements that the system should
be hardened from the very first boot up (before it is configured by
manifest apply)

It also removed old obsolete patch files in openssh directory to avoid
confusions.

Change-Id: Ic34bebfd88f46cade3596d920a00311f9aa5980f
Signed-off-by: Andy Ning <andy.ning@windriver.com>

2018-06-28 22:07:37 -04:00

centos

StarlingX open source release updates

2018-05-31 07:35:52 -07:00

src

Remove sha1 based kex algorithms

2018-06-28 22:07:37 -04:00