kubernetes

github/kubernetes

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ryan Hitchman	a7e64aaa66	Make coreos test images sshd not allow password login. Configuration is based on: https://coreos.com/os/docs/latest/customizing-sshd.html The specific SSHD config is: # Use most defaults for sshd configuration. UsePrivilegeSeparation sandbox Subsystem sftp internal-sftp ClientAliveInterval 180 UseDNS no UsePAM yes PrintLastLog no # handled by PAM PrintMotd no # handled by PAM AuthenticationMethods publickey This will prevent security scanners from triggering.	2017-08-25 11:49:34 -07:00
Euan Kemp	e58f3f61f8	test/node-e2e: Update CoreOS update disabling This disables update-engine and locksmithd with ignition instead of cloud-init so that they're really totally 100% disabled. Pretty much every way of disabling them with cloud-init is mildly racy. Fixes #31633	2016-08-29 16:11:40 -07:00

Author

SHA1

Message

Date

Ryan Hitchman

a7e64aaa66

Make coreos test images sshd not allow password login.

Configuration is based on:
https://coreos.com/os/docs/latest/customizing-sshd.html

The specific SSHD config is:

    # Use most defaults for sshd configuration.
    UsePrivilegeSeparation sandbox
    Subsystem sftp internal-sftp
    ClientAliveInterval 180
    UseDNS no
    UsePAM yes
    PrintLastLog no # handled by PAM
    PrintMotd no # handled by PAM
    AuthenticationMethods publickey

This will prevent security scanners from triggering.

2017-08-25 11:49:34 -07:00

Euan Kemp

e58f3f61f8

test/node-e2e: Update CoreOS update disabling

This disables update-engine and locksmithd with ignition instead of
cloud-init so that they're really totally 100% disabled.

Pretty much every way of disabling them with cloud-init is mildly racy.

Fixes #31633

2016-08-29 16:11:40 -07:00

2 Commits