21 lines
720 B
YAML
21 lines
720 B
YAML
---
|
|
# defaults file for hardening-basic
|
|
|
|
hardening_sshd_enabled: true
|
|
hardening_sshd_authorized_key_file: .ssh/authorized_keys
|
|
hardening_sshd_tcp_forward: false
|
|
hardening_sshd_legal_banner: false
|
|
hardening_sshd_permissions_set_sticky_bit: true
|
|
|
|
hardening_sysctl_vm_swappiness: 15
|
|
hardening_sysctl_disable_ipv6: false
|
|
|
|
hardening_modprobe_disable_list:
|
|
ipv6: [ipv6]
|
|
network_filesystems: [cifs,nfs,nfsv3,nfsv4,gfs2]
|
|
rare_filesystems: [cramfs,freevxfs,jffs2,hfs,hfsplus,squashfs,udf]
|
|
rare_protocols: [dccp,sctp,rds,tipc,n-hdlc,ax25,netrom,x25,rose,decnet,econet,af_802154,ipx,appletalk,psnap,p8023,p8022,can,atm]
|
|
vivid: [vivid]
|
|
|
|
hardening_journald_system_max_use: 250M
|
|
hardening_journald_system_max_file_size: 50M
|