ansible-playbook -i hosts.ini -u root update_ssh.yml
Last active
July 1, 2024 15:20
-
-
Save NitescuLucian/abea0f283a5555d5e4b99cd54947fefb to your computer and use it in GitHub Desktop.
CVE-2024-6387 (regreSSHion) workaround from Qualys
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: Update SSH configuration | |
| hosts: all | |
| become: yes | |
| tasks: | |
| - name: Append LoginGraceTime to sshd_config | |
| shell: echo 'LoginGraceTime 0' | tee -a /etc/ssh/sshd_config | |
| - name: Restart SSH service | |
| service: | |
| name: ssh | |
| state: restarted | |
| # Warning: execute at your own risk | |
| # CVE-2024-6387 (regreSSHion) | |
| # Source: https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment