Hardening's SSH' listen_to config is not cloud aware
Bug #1626518 reported by
Ante Karamatić
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Charm Helpers |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Current 'listen_to' setting in hardening is not very useful in cloud environments.
Each unit has its own IP and therefore it's impossible to configure the application with a single config file.
Currently, one has to set listen_to to 0.0.0.0 to make it usable, but at the same time this violates most security policies of binding SSH to specific NIC/address).
Related branches
lp:~ivoks/charm-helpers/ssh_ip
- Liam Young (community): Needs Fixing
-
Diff: 61 lines (+36/-1)1 file modifiedcharmhelpers/contrib/hardening/ssh/checks/config.py (+36/-1)
tags: | added: 4010 |
Changed in charm-helpers: | |
status: | New → Fix Released |
To post a comment you must log in.