Mikaela
/
shell-things
mirror of https://gitea.blesmrt.net/mikaela/shell-things.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

sshd_config: add commented AcceptEnv 

and reason why it's commented, security, ShellShock worked with remotely
sent environent variables even with restricted accounts.
This commit is contained in:
Aminda Suomalainen 2015-09-06 07:33:32 +03:00
parent 90c86466dd
commit c3f351d21f
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
etc/ssh/sshd_config
View File

@ -25,6 +25,10 @@ HostKey /etc/ssh/ssh_host_rsa_key
## Debian
#Subsystem sftp /usr/lib/openssh/sftp-server
# Nothing is Accepted for security reasons, e.g. shellshock worked with
# remotely accepted environment variables.
#AcceptEnv LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION
# Logging
LogLevel VERBOSE