Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

change default to allow SFTP #564

Merged
merged 6 commits into from
Aug 22, 2022
Merged

change default to allow SFTP #564

merged 6 commits into from
Aug 22, 2022

Conversation

schurzi
Copy link
Contributor

@schurzi schurzi commented Aug 19, 2022

Historically we have disabled SFTP with the argument, that running less services is more secure.

I want to change that, because OpenSSH advises to use SFTP (release notes of OpenSSH 8.0).

The scp protocol is outdated, inflexible and not readily fixed. We
recommend the use of more modern protocols like sftp and rsync for
file transfer instead.

Additionally disabling STFP generates errors with Ansible in the default configuration

Signed-off-by: Martin Schurz <[email protected]>
Signed-off-by: Martin Schurz <[email protected]>
@schurzi
Copy link
Contributor Author

schurzi commented Aug 19, 2022

related in baseline: dev-sec/ssh-baseline#128

Signed-off-by: Martin Schurz <[email protected]>
@rndmh3ro rndmh3ro added breaking Backwards incompatible change and removed minor labels Aug 19, 2022
Signed-off-by: Martin Schurz <[email protected]>
Signed-off-by: Martin Schurz <[email protected]>
Signed-off-by: Martin Schurz <[email protected]>
@rndmh3ro rndmh3ro merged commit c1cd6c5 into master Aug 22, 2022
@rndmh3ro rndmh3ro deleted the sftp_default branch August 22, 2022 08:03
@rndmh3ro rndmh3ro added the major label Aug 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
2 participants