hardenedbsd.org Header Art


No announcement yet.

Quick HardenedBSD hardening poll - linuxulator and sshd_config

  • Filter
  • Time
  • Show
Clear All
new posts

  • Quick HardenedBSD hardening poll - linuxulator and sshd_config

    The linuxulator is unsupported in HardenedBSD and, as one user reports, has issues. Since the linuxulator[0] provides weird and attractive attack surface, I'd like to propose outright removal of the linuxulator in HardenedBSD. Given that it has issues, and only a single user has reported an issue in the last few years, I don't think it's of much use to the HardenedBSD community.

    Besides, we have bhyve. :-)

    Additionally, we'd like to harden sshd's config a bit. Loic opened a merge request[1] proposing a number of changes. One change that could cause potential issues is setting MaxSessions.

    Please respond by 15 April 2022 (here or on the users@ mailing list) if you have any concerns regarding the changes to either the linuxulator or sshd's default config

    [0]: https://docs.freebsd.org/en/books/handbook/linuxemu/
    [1]: https://git.hardenedbsd.org/hardened...ge_requests/60

  • #2
    I love it!

    I also have more suggestions beyond the ones you have lists in you [1] should I paste them here?
    PGP Key: https://defcon.org/html/links/dtangent.html


    • #3
      Sure! I'd love to hear any suggestions you may have. :-)