Loading...

XML

Word

Printable

Type: Story
Resolution: Unresolved
Priority: Undefined
Fix Version/s: rhel-10.0.beta
Affects Version/s: None
Component/s: rhel-system-roles
Labels:
- RHEL-System-Roles
- system_role_ssh

Fixed in Build:
rhel-system-roles-1.79.0-0.2.el10
sprint_count:
2

Pool Team:

rhel-sst-system-roles

Story Points:
1
ACKs Check:

Dev ack
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
Yes
Products:

Red Hat Enterprise Linux
Sprint:
System Roles Sprint 2, System Roles Sprint 3

Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/130994
Test Coverage:
None

Release Note Type:
Enhancement
Release Note Text:

Hide
.The `ssh` RHEL system role now recognizes the `ObscureKeystrokeTiming` and `ChannelTimeout` configuration options

The `ssh` RHEL system role has been updated to reflect addition of the following configuration options in the OpenSSH utility suite:

* `ObscureKeystrokeTiming` (yes|no|interval specifier, defaults to 20): Configures whether the `ssh` utility should obscure the inter-keystroke timings from passive observers of network traffic.

* `ChannelTimeout`: Configures whether and how quickly the `ssh` utility should close inactive channels.

When using the `ssh` RHEL system role, you can use the new options like in this example play:

----
- name: Non-exclusive sshd configuration
   hosts: managed-node-01.example.com
   tasks:
     - name: Configure ssh to obscure keystroke timing and set 5m session timeout
        ansible.builtin.include_role:
          name: rhel-system-roles.ssh
        vars:
          ssh_ObscureKeystrokeTiming: _"interval:80"_
          ssh_ChannelTimeout: _"session=5m"_
----

Show
.The `ssh` RHEL system role now recognizes the `ObscureKeystrokeTiming` and `ChannelTimeout` configuration options The `ssh` RHEL system role has been updated to reflect addition of the following configuration options in the OpenSSH utility suite: * `ObscureKeystrokeTiming` (yes|no|interval specifier, defaults to 20): Configures whether the `ssh` utility should obscure the inter-keystroke timings from passive observers of network traffic. * `ChannelTimeout`: Configures whether and how quickly the `ssh` utility should close inactive channels. When using the `ssh` RHEL system role, you can use the new options like in this example play: ---- - name: Non-exclusive sshd configuration    hosts: managed-node-01.example.com    tasks:      - name: Configure ssh to obscure keystroke timing and set 5m session timeout         ansible.builtin.include_role:           name: rhel-system-roles.ssh         vars:           ssh_ObscureKeystrokeTiming: _"interval:80"_           ssh_ChannelTimeout: _"session=5m"_ ----
Release Note Status:
Done

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

Enhancement: Add new configuration options `ObscureKeystrokeTiming` and `ChannelTimeout`; remove false positives in the test

Reason: New OpenSSH was released with new configuration option.

Result: The option is recognized by the system role.

Issue Tracker Tickets (Jira or BZ if any): -

clones

RHEL-40180 feat: Add new configuration options and remove false positives in the test

Closed

links to

RHBA-2024:130994 rhel-system-roles bug fix and enhancement update

Assignee:: Richard Megginson

Reporter:: Richard Megginson

Developer:: Richard Megginson

QA Contact:: Jakub Haruda

Doc Contact:: Jaroslav Klech

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2024/06/05 8:57 PM

Updated:: 2024/11/13 8:34 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates