Skip to content

Latest commit

 

History

History
291 lines (226 loc) · 26.7 KB

CHANGELOG.md

File metadata and controls

291 lines (226 loc) · 26.7 KB

Change Log

v2.3.0 (2017-12-19)

Full Changelog

Closed issues:

  • remove ripemd from MAC list #185
  • allowtcpforwarding with sftp enabled is declared twice #182

Merged pull requests:

v2.2.1 (2017-08-22)

Full Changelog

Closed issues:

  • The cookbooks fails on Amazon Linux. #180

Merged pull requests:

v2.2.0 (2017-06-18)

Full Changelog

Closed issues:

  • Issues on OpenSuse Leap 42.2 #177
  • Chef 13 support #174

Merged pull requests:

v2.1.0 (2017-04-19)

Full Changelog

Implemented enhancements:

  • Suse support missing in metadata #170

Merged pull requests:

v2.0.0 (2017-02-06)

Full Changelog

Implemented enhancements:

Fixed bugs:

  • IPv6 is not working still if its enabled #140

Closed issues:

  • Possibly missing locale handling #160
  • Verify the current crypto settings #162
  • Error message about DSA key on RHEL 7 #158
  • Attributes should be in the own namespace ssh-hardening #142
  • Move entire crypto parameter configuration in tests to the centralized place #137
  • Move UsePrivilegeSeparation.get to the new library #136
  • Release 2.0.0 #133
  • configure log level #117
  • UsePAM should probably default to yes on Red Hat Linux 7 #96
  • refactor library kex and cipher implementation #87
  • prohibit use of weak dh moduli #65
  • Harmonize API #53
  • SSH rootkey configuration is too open #16

Merged pull requests:

v1.3.0 (2016-11-23)

Full Changelog

Implemented enhancements:

Closed issues:

  • Allow to configure ChallengeResponseAuthentication (currently it's hardcoded to no) #125
  • Make LoginGraceTime configurable #116
  • Allow to configure MaxAuthTries #100

Merged pull requests:

v1.2.1 (2016-09-25)

Full Changelog

Implemented enhancements:

Merged pull requests:

  • Fix deprecation warnings #123 (operatingops)
  • Use bracket syntax in attributes/default.rb #121 (aried3r)
  • Use new ciphers, kex, macs and priv separation sandbox for redhat family 7 #119 (atomic111)
  • change hardening-io to dev-sec domain for build status and code coverage #118 (atomic111)

v1.2.0 (2016-05-29)

Full Changelog

Implemented enhancements:

Closed issues:

  • SFTP not configurable #110
  • default to 'UseRoaming no' #109
  • Consider using blank config_disclaimer by default #94

Merged pull requests:

v1.1.0 (2015-04-28)

Full Changelog

Closed issues:

  • Use new "UseDNS" openssh default #81
  • UseDNS no #79
  • Debian 8.0 (Jessie) ships with OpenSSH 6.7p1, enable modern algos #77
  • Allow management of allow/deny users #75
  • update tutorial.md #55

Merged pull requests:

  • add Debian 8 to local test-kitchen #84 (chris-rock)
  • Modern alogs for Jessie #83 (Rockstar04)
  • Update README and use OpenSSH defaults for UseDNS #82 (aried3r)
  • Make UseDNS configurable #80 (aried3r)
  • update common readme badges #78 (arlimus)
  • Allow deny users to be managed from attributes #76 (Rockstar04)
  • fix typo in opensshdconf.erb, remove trailing whitespace #74 (zachallett)
  • bugfix: adjust travis to work with chef12/ruby2 #73 (arlimus)
  • add privilege separation via sandbox mode for ssh >= 5.9 #72 (arlimus)
  • Adding attributes to enable printing the MOTD. #71 (dmerrick)

v1.0.3 (2015-01-14)

Full Changelog

Closed issues:

  • Suggestion: Don't populate /root/.ssh/authorized_keys by default #69
  • prefer etm MACs #66
  • disable sha1-based key exchanges #64

Merged pull requests:

  • remove sha1 key-exchange mechanisms from default #70 (arlimus)
  • reprioritize etm macs #68 (arlimus)

v1.0.2 (2015-01-12)

Closed issues:

  • release on supermarket #62
  • host_key_files should not include ssh_host_ecdsa_key on every host #61
  • Protocol 1 options while SSH 2 is hard coded #57
  • Configuration of root keys via databag and attributes #37
  • Bad ciphers on debian 7.0 #25
  • update ssh service on changes #24

Merged pull requests:

* This Change Log was automatically generated by github_changelog_generator