[SECURITY] Harden SSH across all servers #37

New Issue

Open

opened 2026-04-10 21:48:44 -05:00 by blakeridgway · 0 comments

blakeridgway commented 2026-04-10 21:48:44 -05:00

Owner

Copy Link

Description

Harden SSH configuration across all servers (srv01, srv02, nvr) and jails:

• Disable password authentication

• Enforce key-only authentication

• Disable root login

• Install and configure sshguard (FreeBSD) or fail2ban (Linux/Debian)

• Restrict SSH to specific users/groups

Severity

High

Affected Services

SSH access on all servers.

Steps to Reproduce

No response

Suggested Mitigation

No response

### Description Harden SSH configuration across all servers (srv01, srv02, nvr) and jails: - Disable password authentication - Enforce key-only authentication - Disable root login - Install and configure sshguard (FreeBSD) or fail2ban (Linux/Debian) - Restrict SSH to specific users/groups ### Severity High ### Affected Services SSH access on all servers. ### Steps to Reproduce _No response_ ### Suggested Mitigation _No response_

blakeridgway added the

security

label 2026-04-10 21:48:44 -05:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

No results found.

Labels

Clear labels

bug

Something is not working

day-to-day

A small routine task for the current sprint

feature

A request for new functionality

high

High priority — needs immediate attention

infrastructure

A change to infrastructure services, DNS, firewall, etc.

low

medium

planned-outage

A scheduled maintenance window or service outage

security

A security concern or vulnerability

No Label

security

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

blakeridgway

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: RidgwaySystems/tickets#37

No description provided.