Monday, Nov 30, 2015

Hardening Framework releases updated Ansbile os-hardening and ssh-hardening

Continuously, the Hardening Framework improves its framework to cover up-to-date server hardening. Sebastian Gumprich and Anton Lugovoi did an amazing job to improve the Ansible implementation for os-hardening and ssh-hardening. Core focus of the last release was to improve and ease the installation via Ansible Galaxy.

For os-hardening:

  • Fix a bug in the passwdqc template (#51)
  • Change directory layout so the role is easily installable from ansible-galaxy (#49)
  • Improved travis-tests to cover more cases (#42)
  • Fix passwdqc default options (#44)
  • Remove duplicate “update pam” task (#46)
  • Fix stuck in case pam files was updated before by force update (#45)
  • Fix nologin shell path (#44)

For ssh-hardening:

  • adds more tests (#42)
  • support for sftp-enabling (#41
  • and a new directory layout, making the role easily installable from ansible-galaxy (#44).

The Hardening Framework is also available for Chef and Puppet. Be sure to follow us on Twitter for the latest updates.