-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Removal of deprecated options for newer openssh versions #203
Conversation
Signed-off-by: Artem Sidorenko <artem@posteo.de>
Signed-off-by: Artem Sidorenko <artem@posteo.de>
3931dfd
to
aec11f8
Compare
should not be used for openssh >=7.4 Signed-off-by: Artem Sidorenko <artem@posteo.de>
for openssh >=7.5 Signed-off-by: Artem Sidorenko <artem@posteo.de>
Signed-off-by: Artem Sidorenko <artem@posteo.de>
aec11f8
to
c9e58c2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great improvement @artem-sidorenko
@@ -0,0 +1,7 @@ | |||
control 'sshd configuration should not have any deprecations' do |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is that something we should also test in the baseline?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure about this: baseline and ssh-hardening can be used independently, maybe somebody still has or wants to have deprecated options for some reasons? In the same time I wanted to ensure our template here is always up-to-date
Fixes #202
Please see the dev-sec/ssh-baseline#114 and dev-sec/ssh-baseline#116 too