ssh-baseline icon indicating copy to clipboard operation
ssh-baseline copied to clipboard

Published 20 hours ago verified publisher icon dev-sec

WIP: ssh baseline refactoring.

Open JHeinzde opened this issue 5 years ago • 2 comments

This is a WIP refactoring of the ssh baseline to match the chef-ssh-hardening implementation.

JHeinzde avatar Apr 06 '19 19:04 JHeinzde

@JHeinzde Very nice. I am looking forward to see this work completed

chris-rock avatar Apr 09 '19 13:04 chris-rock

Hello @artem-sidorenko, I have put more work into this and will honor the plan you described here, but modify it a bit:

one PR related to the linting/rubocop stuff
another PR with the renaming of ssh_version to real_ssh_version and switch of current controls to it
next PR with a first implementation of ssh_version and only for privlege_separation part
next PR or PRs with crypto stuff, algorithms etc.

Since I think no rename is required to ssh_version its going to stay like this. I will first submit 2 pull requests. The first PR is going to be aimed at find_ssh_version, guess_ssh_version and PRIVILEGE_SEPARATION and HOSTKEY Algorithms. The second PR is going to introduce the cryptologic of devsec_ssh.rb.

The last one is going to be related to rubocop/other stuff, when I can figure out the consequences of this, since at least for me currently the travis build is broken with these changes I've done

JHeinzde avatar Jun 20 '19 12:06 JHeinzde