๐๏ธ What is a Bastion Host?
We learn about the thing we're trying to protect in the lab.
๐๏ธ 1. Setting up our Bastion Host
We launch our Bastion Host and connect to it independent of SSH.
๐๏ธ 2. Reviewing the config of the Bastion
We SSH in and briefly review the state of SELinux on the host.
๐๏ธ 3. What info can adjacent SSH tenants access?
Learn how to steal credentials from another tenant's SSH agent.
๐๏ธ What do we need SELinux to do for us?
An overview of the protections we're trying to add to fortify this bastion host.
๐๏ธ 4. Configuring PAM to use SELinux
Install the SELinux tools, enable SELinux and integrate with PAM and SSH.
๐๏ธ 5. Where can I find the logs?
Learn about auditd and ausearch and what type of events SELinux logs upon policy violations.
๐๏ธ 6. Setting phasers to enforce!
Recap on where we're at currently?