Releases: loranmutafov/simple-bastion
Releases · loranmutafov/simple-bastion
v1.1.4 Make LogLevel configurable
Make LogLevel configurable
v1.1.3 Fix debug configuration
Fix debug logging and rename it to better reflect it is debug logging…
v1.1.2 Make verbosity configurable
Make verbosity configurable
v1.1.1 Expand configurability
Make the following sshd options configurable via env vars:
ClientAliveCountMaxviaCLIENT_ALIVE_COUNT_MAXClientAliveIntervalviaCLIENT_ALIVE_INTERVALTCPKeepAliveviaTCP_KEEP_ALIVE
v1.1.0 Add user:ssh provisioning
Enables provisioning of SSH keys per user a-la GCP, i.e. user:public_key
Example of the provisioning config:
cloudysanfrancisco:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAu5kKQCPF...
baklavainthebalkans:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQDx3FNVC8...
v1.1.0-beta8 Replace last approach with simply disabling the user password in /etc/shadow
v1.1.0-beta8 Replace last approach with simply disabling the user password in /etc/shadow
Pre-release
Pre-release
Using a star * instead of a bang !, keeps the user account unlocked, but still disables login by password by keeping the password invalid.
Effectively this leaves only the option of public key ssh login.
v1.1.0-beta7 Substitute usermod approach with UsePAM setting
Substitute usermod approach with UsePAM setting
v1.1.0-beta6 Disable password-based access for ssh users
Disable password-based access for ssh users
v1.1.0-beta5 Allow ssh-access to all bastion users
Give ssh access to all bastion-group users
v1.1.0-beta4 Call script by its absolute path
Call script by its absolute path