Comments (5)
vpetersson
commented on June 20, 2024
We want to demo this for an investor, so let's take some shortcuts to get the alpha version of this working. Here are some shortcuts:
- Instead of making an API call back to the back-end to lookup what an ID means, let's use names (e.g.
wott-agent patch openssh-disable-password-auth). - Let's limit the scope to the ssh recommended actions.
- Let's make sure to run a ping at the end of the run.
- Let's make sure to take a backup of the file prior to the change.
Outstanding tasks for MVP after #263:
- Add comment on line before
- Backup config file to
/opt/wott/backup - Test and restart service using SIGHUP
- Add warning message for when disabling password auth
Warning: Before you disable password authentication, make sure that you have generated and installed your SSH keys on this server. Failure to do so will result in that you will be locked out. I have have my SSH key(s) installed: [y/N]
from agent.
vpetersson
commented on June 20, 2024
MVP is done Sprint 16. We've received great feedback on this. Now we need to revisit the original scope in Sprint 17.
from agent.
vpetersson
commented on June 20, 2024
We need to resume work on this. As next steps, I want to do the following:
- Port all CVE instructions to the agent (WoTTsecurity/api#771).
- AWS Linux
- Ubuntu
- Hide 'Certificate expires...' when using
patch.
Next sprint
- Display the actual
diffas per the instructions in the initial ticket. - Implement patch for 'Automatic security updates not enabled'
- AWS Linux
- Ubuntu
from agent.
rptrchv
commented on June 20, 2024
13 complexity points
from agent.
a-martynovich
commented on June 20, 2024
20
from agent.
Related Issues (20)
- Set User-Agent header
- Installation fails on Debian Jessie HOT 2
- Add audit of Docker containers HOT 2
- Add environment/cloud detection HOT 3
- "Automatic security updates" fail to detect on Debian/Aws Linux HOT 2
- Improve sshd detection/logic HOT 3
- Fix self-update script for agent HOT 2
- Detect and send kernel metapacakages HOT 1
- Detect VirtualBox and suppress heartbleed/spectre
- Add support for Ubuntu 18.10 HOT 2
- Fix installation error on Ubuntu 16.04 HOT 4
- Implement CIS Benchmarks for OpenSSH (section 5.2) the Ubuntu guide. HOT 5
- Audit/Detect SSH keys
- Self-update code is broken on AWS Linux
- Certificate renewal broken on AWS Linux HOT 2
- Resolve kernel detection
- 'python-iptables: match "state" already registered' on AWS Linux HOT 5
- Formatting issue in post-install message
- Investigate CPU usage spike on Ubuntu HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from agent.