Open
Conversation
ThibaultDewailly
approved these changes
Feb 16, 2026
bin/hardening/sshd_disable_gssapi.sh
Outdated
| PATTERN_ANY="^${OPTION}[[:space:]]" | ||
|
|
||
| # Assume OK initially | ||
| SSHD_GSSAPI_OPTION_OK=0 |
Collaborator
There was a problem hiding this comment.
this should not be the case
| local found_correct=0 | ||
|
|
||
| # Check main config file | ||
| does_pattern_exist_in_file_nocase "$FILE" "$PATTERN_ANY" |
Collaborator
There was a problem hiding this comment.
this can be done in only one if
| for include_dir in $(grep -E "^Include" "$FILE" | awk '{print $2}'); do | ||
| # Expand the path if it contains wildcards | ||
| for conf_file in ${include_dir}; do | ||
| if [ -f "$conf_file" ]; then |
| return | ||
| fi | ||
|
|
||
| # Assume config is OK, set to failure if any check fails |
Collaborator
There was a problem hiding this comment.
no this needs to be inverted
| status=audit | ||
| # Configuration for script: $SCRIPT_NAME | ||
| # Put your authorized NTP time servers here (space-separated) | ||
| NTP_SERVERS='time.nist.gov time.google.com' |
Collaborator
There was a problem hiding this comment.
more public NTP server, nist and google cannot be commited like this
ThibaultDewailly
requested changes
Feb 16, 2026
damcav35
force-pushed
the
damcav35/deb12_scripts_19
branch
2 times, most recently
from
33ec2eb to
4d5be1e
Compare
added 2 commits
February 27, 2026 12:10
bin/hardening/sshd_disable_gssapi.sh -> 5.1.9 bin/hardening/timesyncd_authorized_server.sh -> 2.3.2.1 bin/hardening/chrony_authorized_server.sh -> 2.3.3.1 bin/hardening/dev_shm_nodev.sh -> 1.1.2.2.2 bin/hardening/dev_shm_noexec.sh -> 1.1.2.2.4 bin/hardening/dev_shm_nosuid.sh -> 1.1.2.2.3
damcav35
force-pushed
the
damcav35/deb12_scripts_19
branch
from
4d5be1e to
c54a90e
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.