Fuel for OpenStack

SSH brute force protection for cluster

Bug #1604751 reported by OpenStack Infra on 2016-07-20

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Fuel for OpenStack	Fix Released	High	Alexander Adamov	Fuel for OpenStack 9.1

Bug Description

https://review.openstack.org/343925
Dear bug triager. This bug was created since a commit was marked with DOCIMPACT.

commit 71991fae2cdd6e1cc695a9eaec7419b0bff0b542
Author: Maksim Malchuk <email address hidden>
Date: Mon Jul 18 23:55:49 2016 +0300

SSH brute force protection for cluster

    This commit implements the same feature used for the Fuel master node
    [0] with rate-limiting requests to SSH with iptables. The protection
    used only when enabled and only for the not provided [1] networks.

[0] I0f452c8b0a808789aa4c2cd85d1d00556b210a39
[1] I34c9907d781b81253ed6942c67b16f8480de3bb5

    DocImpact
    Closes-Bug: #1563721
    Depends-On: I7bbd96fb43fcd6030621671d0056f56324f50956
    Change-Id: Id053e61ae16d126126dfb94cb4d9358dd7126d52
    Co-Authored-By: Alex Schultz <email address hidden>
    Signed-off-by: Maksim Malchuk <email address hidden>

Tags:

Oleksiy Molchanov (omolchanov) on 2016-07-21

Changed in fuel:
milestone:	none → 9.1
assignee:	nobody → Fuel Documentation Team (fuel-docs)
importance:	Undecided → High
status:	New → Confirmed

Alexander Adamov (aadamov) on 2016-08-03

Changed in fuel:
assignee:	Fuel Documentation Team (fuel-docs) → Alexander Adamov (aadamov)

Revision history for this message

Alexander Adamov (aadamov) wrote on 2016-08-08:

The fix will come with MOS 9.1 Release Notes

tags:

added: release-notes

Revision history for this message

Alexander Adamov (aadamov) wrote on 2016-08-25:

https://review.fuel-infra.org/#/c/25093/

Changed in fuel:
status:	Confirmed → Fix Committed
tags:	added: release-notes-done removed: release-notes

Andrey Lavrentyev (alavrentyev) on 2016-09-22

tags:

added: on-verification

Revision history for this message

Andrey Lavrentyev (alavrentyev) wrote on 2016-09-22:

Verified on 9.1 snapshot #294

UBUNTU_MIRROR_ID=ubuntu-2016-09-14-213640
CENTOS_MIRROR_ID=centos-7.2.1511-2016-05-31-083834
MOS_UBUNTU_MIRROR_ID=9.0-2016-09-21-170321
MOS_CENTOS_OS_MIRROR_ID=os-2016-06-23-135731
MOS_CENTOS_PROPOSED_MIRROR_ID=proposed-2016-09-21-170321
MOS_CENTOS_UPDATES_MIRROR_ID=updates-2016-06-23-135916
MOS_CENTOS_HOLDBACK_MIRROR_ID=holdback-2016-06-23-140047
MOS_CENTOS_HOTFIX_MIRROR_ID=hotfix-2016-09-16-084322
MOS_CENTOS_SECURITY_MIRROR_ID=security-2016-06-23-140002

tags:	removed: on-verification
Changed in fuel:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.