cookbook 'r1337-sshconfig', '= 0.1.0'
r1337-sshconfig (7) Versions 0.1.0 Follow0
Configure OpenSSH with standard or hardened settings
cookbook 'r1337-sshconfig', '= 0.1.0', :supermarket
knife supermarket install r1337-sshconfig
knife supermarket download r1337-sshconfig
Chef Cookbook - r1337-sshconfig
This Chef cookbook will configure SSH on Linux servers to be compliant with Route 1337 security policies. There are a few versions of the configuration depending on the recipe that is chosen
SSH Config Recipes
- standardssh.rb is the standard recipe suitable for use on internal LANs or where networks are trusted to be secured
- hardenedssh.rb is a recipe for use in DMZs or other networks where sophisticated attacks are either expected, or where more stringent policies exist
Changes Performed
- Configures OpenSSH server with custom security settings depending on recipe selected.
- Ensures OpenSSH is installed, configured and enabled/running
Requirements
- Chef (Tested on Chef 13)
- Linux chef-clients (Tested on Ubuntu 14.04, Ubuntu 16.04 and CentOS 7.2 but kitchen will let you test anything you want)
- The openssh cookbook from Chef Supermarket
Installation Tips
- I personally use Berks to install this into my Chef server, because it's easier.
- You must set the attribute ['r1337-sshconfig']['sshpolicy'] to
hardenedif you want something stronger than the default. For most people the default is fine.
Limitations
- None so far :)
Known Issues
- None so far :)
Bug Fixes & Changes
- v0.1.0
- Initial release
Use Cases
Configuring SSH as part of a base security requirement
Dependent cookbooks
| openssh >= 0.0.0 |
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
Collaborator Number Metric
0.1.0 failed this metric
Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
0.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.1.0 failed this metric
FC069: Ensure standardized license defined in metadata: r1337-sshconfig/metadata.rb:1
Run with Foodcritic Version 12.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
License Metric
0.1.0 failed this metric
r1337-sshconfig does not have a valid open source license.
Acceptable licenses include Apache-2.0, apachev2, Apache 2.0, MIT, mit, GPL-2.0, gplv2, GNU Public License 2.0, GPL-3.0, gplv3, GNU Public License 3.0.
No Binaries Metric
0.1.0 passed this metric
Testing File Metric
0.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.1.0 failed this metric
0.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.1.0 failed this metric
FC069: Ensure standardized license defined in metadata: r1337-sshconfig/metadata.rb:1
Run with Foodcritic Version 12.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
License Metric
0.1.0 failed this metric
r1337-sshconfig does not have a valid open source license.
Acceptable licenses include Apache-2.0, apachev2, Apache 2.0, MIT, mit, GPL-2.0, gplv2, GNU Public License 2.0, GPL-3.0, gplv3, GNU Public License 3.0.
No Binaries Metric
0.1.0 passed this metric
Testing File Metric
0.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.1.0 failed this metric
Run with Foodcritic Version 12.3.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any
0.1.0 failed this metric
r1337-sshconfig does not have a valid open source license.
Acceptable licenses include Apache-2.0, apachev2, Apache 2.0, MIT, mit, GPL-2.0, gplv2, GNU Public License 2.0, GPL-3.0, gplv3, GNU Public License 3.0.
No Binaries Metric
0.1.0 passed this metric
Testing File Metric
0.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.1.0 passed this metric
0.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.1.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.1.0 failed this metric
