starred/du_setup
1
0
Fork 0
mirror of https://github.com/buildplan/du_setup.git synced 2026-04-26 10:35:51 +03:00
Code Issues 1 Projects Releases 5 Packages Wiki Activity
5 releases 55 tags
  • v0.80.1 78515c6a5a

    v0.80.1 Stable

    kerem released this 2026-03-01 00:34:04 +03:00 | 13 commits to main since this release

    📅 Originally published on GitHub: Sat, 28 Feb 2026 21:36:49 GMT
    🏷️ Git tag created: Sat, 28 Feb 2026 21:34:04 GMT

    What's Changed

    Bug Fixes

    • Fixed SSH port detection latching to X11 forwarding port — when connected via ssh -X on a dual-stack IPv6 server, ss output could resolve the X11 display port (60xx) before the real SSH port, causing rollback to restore the wrong port. Detection now explicitly filters out X11 port range (6010–6099) and also matches ssh.socket listeners.

    • Fixed SSH hardening drop-in load order — renamed 99-hardening.conf to 10-hardening.conf. OpenSSH uses first-match-wins on drop-ins processed lexicographically, meaning provider-injected configs (e.g. 50-cloud-init.conf) were silently overriding hardening directives. Hardening rules now evaluate first.

    Security Improvements

    • Existing users are now required to provide or generate a valid SSH key before setup continues, preventing lockout when PasswordAuthentication is disabled. Previously this was a warning only.

    • SSH and 2FA connection verification prompts now timeout after 5 minutes — if your session drops during the key confirmation step, the script auto-reverts rather than hanging indefinitely.

    Improvements

    • New port selection checks for conflictsvalidate_port now verifies the chosen SSH port is not already in use by another service before accepting it.

    • SSH key setup extracted into a reusable setup_ssh_keys() function, used consistently across new and existing user flows.

    Thanks @avetere for reporting most of these and discussed in #100

    Full Changelog: https://github.com/buildplan/du_setup/compare/v0.80.0...v0.80.1

    Downloads