mirror of
https://github.com/tommytran732/Fedora-CoreOS-Ignition
synced 2024-12-22 14:42:16 -05:00
Update SSHD and Kernel configs
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
parent
254eeaef42
commit
c75d4a363a
File diff suppressed because one or more lines are too long
@ -59,9 +59,10 @@ systemd:
|
||||
mask: true
|
||||
storage:
|
||||
files:
|
||||
- path: /etc/ssh/sshd_config.d/60-disable-GSSAPI.conf
|
||||
- path: /etc/ssh/sshd_config.d/10-custom.conf
|
||||
contents:
|
||||
inline: |
|
||||
X11Forwarding no
|
||||
GSSAPIAuthentication no
|
||||
- path: /etc/zincati/config.d/51-rollout-wariness.toml
|
||||
contents:
|
||||
@ -114,18 +115,12 @@ storage:
|
||||
contents:
|
||||
inline: |
|
||||
* hard core 0
|
||||
- path: /etc/ssh/ssh_config.d/60-disable-GSSAPI.conf
|
||||
- path: /etc/ssh/ssh_config.d/10-custom.conf
|
||||
overwrite: true
|
||||
contents:
|
||||
inline: |
|
||||
X11Forwarding no
|
||||
GSSAPIAuthentication no
|
||||
- path: /etc/sysctl.d/20-silence-audit.conf
|
||||
contents:
|
||||
inline: |
|
||||
# Raise console message logging level from DEBUG (7) to WARNING (4)
|
||||
# so that audit messages don't get interspersed on the console that
|
||||
# may frustrate a user trying to interactively log in.
|
||||
kernel.printk=4
|
||||
links:
|
||||
- path: /etc/localtime
|
||||
target: ../usr/share/zoneinfo/America/New_York
|
||||
@ -185,3 +180,4 @@ kernel_arguments:
|
||||
- sysctl.kernel.perf_event_paranoid=3
|
||||
- sysctl.net.ipv6.conf.all.accept_ra=0
|
||||
- sysctl.net.ipv6.conf.default.accept_ra=0
|
||||
- sysctl.kernel.printk=4
|
||||
|
File diff suppressed because one or more lines are too long
18
Generic.yml
18
Generic.yml
@ -77,9 +77,10 @@ systemd:
|
||||
mask: true
|
||||
storage:
|
||||
files:
|
||||
- path: /etc/ssh/sshd_config.d/60-disable-GSSAPI.conf
|
||||
- path: /etc/ssh/sshd_config.d/10-custom.conf
|
||||
contents:
|
||||
inline: |
|
||||
X11Forwarding no
|
||||
GSSAPIAuthentication no
|
||||
- path: /etc/zincati/config.d/51-rollout-wariness.toml
|
||||
contents:
|
||||
@ -120,18 +121,12 @@ storage:
|
||||
contents:
|
||||
inline: |
|
||||
* hard core 0
|
||||
- path: /etc/ssh/ssh_config.d/60-disable-GSSAPI.conf
|
||||
- path: /etc/ssh/ssh_config.d/10-custom.conf
|
||||
overwrite: true
|
||||
contents:
|
||||
inline: |
|
||||
GSSAPIAuthentication no
|
||||
- path: /etc/sysctl.d/20-silence-audit.conf
|
||||
contents:
|
||||
inline: |
|
||||
# Raise console message logging level from DEBUG (7) to WARNING (4)
|
||||
# so that audit messages don't get interspersed on the console that
|
||||
# may frustrate a user trying to interactively log in.
|
||||
kernel.printk=4
|
||||
X11Forwarding no
|
||||
GSSAPIAuthentication no
|
||||
links:
|
||||
- path: /etc/localtime
|
||||
target: ../usr/share/zoneinfo/America/New_York
|
||||
@ -188,4 +183,5 @@ kernel_arguments:
|
||||
- sysctl.vm.swappiness=1
|
||||
- sysctl.kernel.perf_event_paranoid=3
|
||||
- sysctl.net.ipv6.conf.all.accept_ra=0
|
||||
- sysctl.net.ipv6.conf.default.accept_ra=0
|
||||
- sysctl.net.ipv6.conf.default.accept_ra=0
|
||||
- kernel.printk=4
|
File diff suppressed because one or more lines are too long
17
GitLab.yml
17
GitLab.yml
@ -79,9 +79,10 @@ systemd:
|
||||
mask: true
|
||||
storage:
|
||||
files:
|
||||
- path: /etc/ssh/sshd_config.d/60-disable-GSSAPI.conf
|
||||
- path: /etc/ssh/sshd_config.d/10-custom.conf
|
||||
contents:
|
||||
inline: |
|
||||
X11Forwarding no
|
||||
GSSAPIAuthentication no
|
||||
- path: /etc/zincati/config.d/51-rollout-wariness.toml
|
||||
contents:
|
||||
@ -122,18 +123,12 @@ storage:
|
||||
contents:
|
||||
inline: |
|
||||
* hard core 0
|
||||
- path: /etc/ssh/ssh_config.d/60-disable-GSSAPI.conf
|
||||
- path: /etc/ssh/ssh_config.d/10-custom.conf
|
||||
overwrite: true
|
||||
contents:
|
||||
inline: |
|
||||
X11Forwarding no
|
||||
GSSAPIAuthentication no
|
||||
- path: /etc/sysctl.d/20-silence-audit.conf
|
||||
contents:
|
||||
inline: |
|
||||
# Raise console message logging level from DEBUG (7) to WARNING (4)
|
||||
# so that audit messages don't get interspersed on the console that
|
||||
# may frustrate a user trying to interactively log in.
|
||||
kernel.printk=4
|
||||
links:
|
||||
- path: /etc/localtime
|
||||
target: ../usr/share/zoneinfo/America/New_York
|
||||
@ -190,4 +185,6 @@ kernel_arguments:
|
||||
- sysctl.vm.swappiness=1
|
||||
- sysctl.kernel.perf_event_paranoid=3
|
||||
- sysctl.net.ipv6.conf.all.accept_ra=0
|
||||
- sysctl.net.ipv6.conf.default.accept_ra=0
|
||||
- sysctl.net.ipv6.conf.default.accept_ra=0
|
||||
- sysctl.kernel.printk=4
|
||||
|
File diff suppressed because one or more lines are too long
@ -78,9 +78,10 @@ systemd:
|
||||
mask: true
|
||||
storage:
|
||||
files:
|
||||
- path: /etc/ssh/sshd_config.d/60-disable-GSSAPI.conf
|
||||
- path: /etc/ssh/sshd_config.d/10-custom.conf
|
||||
contents:
|
||||
inline: |
|
||||
X11Forwarding no
|
||||
GSSAPIAuthentication no
|
||||
- path: /etc/zincati/config.d/51-rollout-wariness.toml
|
||||
contents:
|
||||
@ -121,18 +122,12 @@ storage:
|
||||
contents:
|
||||
inline: |
|
||||
* hard core 0
|
||||
- path: /etc/ssh/ssh_config.d/60-disable-GSSAPI.conf
|
||||
- path: /etc/ssh/ssh_config.d/10-custom.conf
|
||||
overwrite: true
|
||||
contents:
|
||||
inline: |
|
||||
X11Forwarding no
|
||||
GSSAPIAuthentication no
|
||||
- path: /etc/sysctl.d/20-silence-audit.conf
|
||||
contents:
|
||||
inline: |
|
||||
# Raise console message logging level from DEBUG (7) to WARNING (4)
|
||||
# so that audit messages don't get interspersed on the console that
|
||||
# may frustrate a user trying to interactively log in.
|
||||
kernel.printk=4
|
||||
links:
|
||||
- path: /etc/localtime
|
||||
target: ../usr/share/zoneinfo/America/New_York
|
||||
@ -189,4 +184,5 @@ kernel_arguments:
|
||||
- sysctl.vm.swappiness=1
|
||||
- sysctl.kernel.perf_event_paranoid=3
|
||||
- sysctl.net.ipv6.conf.all.accept_ra=0
|
||||
- sysctl.net.ipv6.conf.default.accept_ra=0
|
||||
- sysctl.net.ipv6.conf.default.accept_ra=0
|
||||
- sysctl.kernel.printk=4
|
Loading…
Reference in New Issue
Block a user