| Mohammed Naser | 8661577 | 2024-06-01 10:02:09 -0400 | [diff] [blame] | 1 | # SPDX-License-Identifier: Apache-2.0 |
| vexxhost-bot | c2fd428 | 2024-06-26 07:04:25 +0200 | [diff] [blame] | 2 | # Atmosphere-Rebuild-Time: 2024-06-25T13:53:44Z |
| Mohammed Naser | 3769438 | 2024-04-02 21:11:31 -0400 | [diff] [blame] | 3 | |
| Mohammed Naser | d30f18d | 2024-04-17 01:20:43 -0400 | [diff] [blame] | 4 | ARG RELEASE |
| 5 | |
| Yaguang Tang | 0953b61 | 2024-12-13 04:14:34 +0800 | [diff] [blame] | 6 | FROM harbor.atmosphere.dev/library/openstack-runtime:${RELEASE} |
| Mohammed Naser | da99423 | 2024-04-13 12:34:01 -0400 | [diff] [blame] | 7 | RUN <<EOF bash -xe |
| 8 | apt-get update -qq |
| 9 | apt-get install -qq -y --no-install-recommends \ |
| vexxhost-bot | efbef39 | 2025-01-07 01:40:09 -0500 | [diff] [blame] | 10 | iproute2 \ |
| Mohammed Naser | da99423 | 2024-04-13 12:34:01 -0400 | [diff] [blame] | 11 | openssh-server \ |
| 12 | openssh-client |
| 13 | EOF |
| 14 | RUN <<EOF bash -xe |
| 15 | chown -R nova: /etc/ssh |
| 16 | mkdir /var/run/sshd |
| 17 | chmod 0755 /var/run/sshd |
| 18 | EOF |
| Mohammed Naser | 0c77909 | 2024-06-05 10:35:00 -0400 | [diff] [blame] | 19 | COPY <<EOF /etc/ssh/sshd_config.d/00-hardening.conf |
| 20 | Ciphers aes256-ctr,aes192-ctr |
| 21 | MACs hmac-sha2-512,hmac-sha2-256 |
| 22 | KexAlgorithms diffie-hellman-group-exchange-sha256 |
| 23 | HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 |
| 24 | MaxAuthTries 3 |
| 25 | EOF |