Add support for configuring gitlab-sshd crypto
What does this MR do?
This adds gitlab-shell config options for:
ciphers
kexAlgorithms
macs
The default values are explicitly listed so they can be trimmed if necessary.
Requires gitlab-shell v14.4.0 for gitlab-org/gitlab-shell!633 (merged).
Related issues
Relates to gitlab-org/gitlab-shell#575 (closed)
Checklist
See Definition of done.
For anything in this list which will not be completed, please provide a reason in the MR discussion.
Testing
ssh-audit
(https://github.com/jtesta/ssh-audit or brew install ssh-audit
on macOS). can be used to verify that the changes have taken effect. Simply trim undesired ciphers and redeploy.
Required
-
Merge Request Title and Description are up to date, accurate, and descriptive -
MR targeting the appropriate branch -
MR has a green pipeline on GitLab.com
Expected (please provide an explanation if not completing)
-
Test plan indicating conditions for success has been posted and passes -
Documentation created/updated -
Tests added -
Integration tests added to GitLab QA -
Equivalent MR/issue for omnibus-gitlab opened
Edited by Stan Hu