Mohammed Naser | 7bda44d | 2025-01-18 15:49:44 -0500 | [diff] [blame] | 1 | # SPDX-FileCopyrightText: © 2025 VEXXHOST, Inc. |
| 2 | # SPDX-License-Identifier: GPL-3.0-or-later |
| 3 | # Atmosphere-Rebuild-Time: 2024-06-26T17:38:39Z |
Mohammed Naser | 3769438 | 2024-04-02 21:11:31 -0400 | [diff] [blame] | 4 | |
Mohammed Naser | 7bda44d | 2025-01-18 15:49:44 -0500 | [diff] [blame] | 5 | FROM openstack-runtime |
Mohammed Naser | d28fbaf | 2024-04-08 17:15:00 -0400 | [diff] [blame] | 6 | RUN <<EOF bash -xe |
| 7 | apt-get update -qq |
| 8 | apt-get install -qq -y --no-install-recommends \ |
vexxhost-bot | da7ae3f | 2025-01-08 02:38:24 -0500 | [diff] [blame] | 9 | iproute2 \ |
Mohammed Naser | d28fbaf | 2024-04-08 17:15:00 -0400 | [diff] [blame] | 10 | openssh-server \ |
| 11 | openssh-client |
| 12 | EOF |
| 13 | RUN <<EOF bash -xe |
| 14 | chown -R nova: /etc/ssh |
| 15 | mkdir /var/run/sshd |
| 16 | chmod 0755 /var/run/sshd |
| 17 | EOF |
vexxhost-bot | 410f511 | 2024-06-05 20:52:28 +0200 | [diff] [blame] | 18 | COPY <<EOF /etc/ssh/sshd_config.d/00-hardening.conf |
| 19 | Ciphers aes256-ctr,aes192-ctr |
| 20 | MACs hmac-sha2-512,hmac-sha2-256 |
| 21 | KexAlgorithms diffie-hellman-group-exchange-sha256 |
| 22 | HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 |
| 23 | MaxAuthTries 3 |
| 24 | EOF |