OneDev
Dashboards
Projects
Global Views
Code Search
server
Code
Pull Requests
Issues
List
Boards
Iterations
Builds
Packages
Statistics
Child Projects
Audit Log
OneDev 14.0.7
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects onedev server Issues OD-1897
Disable insecure SSH algorithms (OD-1897)
x70b1 opened 2 years ago

I was interested in how OneDev implemented the SSH service. I found out that it is based on Apache MINA sshd. It would be very helpful to have a way of setting the used security options. But maybe that is too much effort. Because after all the goal is a secure configuration.

Maybe we can at least remove some unsecure ciphers / key exchange algos? ssh-audit is a great tool to get a general understanding. Here is an example command and a small part of the result.

Thanks for working on OneDev!

docker run -it positronsecurity/ssh-audit -p 6011 onedev.example.com

screenshot-20240515-16:13:44.png

  • Robin Shen changed title 2 years ago
    Previous Value Current Value 
    Settings for SSH conection security
    		 
    Disable insecure SSH algorithms
  • OneDev changed state to 'Closed' 2 years ago
    Previous Value Current Value 
    Open
    		 
    Closed
  • OneDev commented 2 years ago

    State changed as code fixing the issue is committed (ceefc4a3)

  • OneDev changed state to 'Released' 2 years ago
    Previous Value Current Value 
    Closed
    		 
    Released
  • OneDev commented 2 years ago

    State changed as build OD-5077 is successful

issue 1/1
Type
Improvement
Priority
Normal
Assignee
Robin Shen
Labels
No labels
Issue Votes (0)
Login to vote
Watchers (3)
Reference
OD-1897
Please wait...
Connection lost or session expired, reload to recover
Page is in error, reload to recover