Skip to content

Feature bastion host solution#17

Open
smazigh wants to merge 2 commits into
mainfrom
feature-bastion-host-solution
Open

Feature bastion host solution#17
smazigh wants to merge 2 commits into
mainfrom
feature-bastion-host-solution

Conversation

@smazigh

@smazigh smazigh commented Feb 25, 2026

Copy link
Copy Markdown
Contributor

-- added a one-click to deploy a hardened Bastion host, featuring a deployment script powered by Crusoe CLI

Seif Mazigh added 2 commits January 21, 2026 14:46
Security:
- Disable default ubuntu user, use bastionadmin only
- Increase SSH MaxAuthTries to 6, fail2ban maxretry to 5
- Fix session logging permissions (1777) for user write access
- Remove deprecated SSH Protocol 2 directive

Deploy script:
- Auto-detect project ID from Crusoe CLI config
- Quiet terraform output (show logs only on failure)
- Auto-approve terraform after config confirmation

Scripts:
- Fix add-user.sh/remove-user.sh to use bastionadmin
- Add IdentitiesOnly=yes to prevent auth failures

Documentation:
- Add Testing Security Features section to README
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant