msw/CISS.debian.live.builder
SHA256
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

V9.14.018.2026.06.07
🛡️ Retrieve DNSSEC status of coresecret.dev. / 🛡️ Retrieve DNSSEC status of coresecret.dev. (push) Has been cancelled
Details
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Has been cancelled
Details
💙 Generating a PUBLIC Live ISO. / 💙 Generating a PUBLIC Live ISO. (push) Has been cancelled
Details
🔐 Generating a Private Live ISO TRIXIE. / 🔐 Generating a Private Live ISO TRIXIE. (push) Has been cancelled
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2026-06-07 07:24:22 +01:00
parent 8b6731f1be
commit 9cdcc0a9ec
56 changed files with 204 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/AUDIT_DNSSEC.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. DNSSEC Status
docs/AUDIT_HAVEGED.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. Haveged Audit on Netcup RS 2000 G11
docs/AUDIT_LYNIS.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. Lynis Audit:
docs/AUDIT_SSH.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. SSH Audit by ssh-audit.com
docs/AUDIT_TLS.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. TLS Audit:
````text
docs/BOOTPARAMS.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. Hardened Kernel Boot Parameters
docs/CHANGELOG.md
+13 -1
View File
@@ -8,10 +8,22 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. Changelog
## V9.14.018.2026.06.07
* **Added**: [0022-ciss-overlay-tmpfs](../config/includes.chroot/usr/lib/live/boot/0022-ciss-overlay-tmpfs) Module summary
* **Added**: [0024-ciss-crypt-squash](../config/includes.chroot/usr/lib/live/boot/0024-ciss-crypt-squash) Module summary
* **Added**: [0026-ciss-early-sysctl](../config/includes.chroot/usr/lib/live/boot/0026-ciss-early-sysctl) Module summary
* **Added**: [0030-ciss-verify-checksums](../config/includes.chroot/usr/lib/live/boot/0030-ciss-verify-checksums) Module summary
* **Added**: [0042_ciss_post_decrypt_attest](../config/includes.chroot/usr/lib/live/boot/0042_ciss_post_decrypt_attest) Module summary
* **Added**: [9990-main.sh](../config/includes.chroot/usr/lib/live/boot/9990-main.sh) Module summary
* **Added**: [9990-networking.sh](../config/includes.chroot/usr/lib/live/boot/9990-networking.sh) Module summary
* **Added**: [9990-overlay.sh](../config/includes.chroot/usr/lib/live/boot/9990-overlay.sh) Module summary
* **Changed**: [9999_cdi_starter.sh](../scripts/usr/local/sbin/9999_cdi_starter.sh) Fixed: ``sysctl -p /etc/sysctl.d/90-ciss-local.hardened``
* **Changed**: [0042_ciss_post_decrypt_attest](../config/includes.chroot/usr/lib/live/boot/0042_ciss_post_decrypt_attest) Fixed: Signature checksum verification.
## V9.14.016.2026.06.06
* **Changed**: [zzzz_ciss_uki_build.hook.binary](../config/hooks/live/zzzz_ciss_uki_build.hook.binary)
* **Changed**: [zzzz_ciss_uki_install.hook.binary](../config/hooks/live/zzzz_ciss_uki_install.hook.binary)
docs/CNET.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. Centurion Net - Developer Branch Overview
docs/CONTRIBUTING.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. Contributing / participating
docs/CREDITS.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. Credits
docs/DL_PUB_ISO.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. Download the latest PUBLIC CISS.debian.live.ISO
docs/DOCUMENTATION.md
+3 -3
View File
@@ -8,14 +8,14 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2.1. Usage
````text
CDLB(1) CISS.debian.live.builder CDLB(1)
CISS.debian.live.builder from https://git.coresecret.dev/msw
Master V9.14.016.2026.06.06
Master V9.14.018.2026.06.07
A lightweight Shell Wrapper for building a hardened Debian Live ISO Image.
(c) Marc S. Weidner, 2018 - 2026
@@ -168,7 +168,7 @@ A lightweight Shell Wrapper for building a hardened Debian Live ISO Image.
💷 Please consider donating to my work at:
🌐 https://coresecret.eu/spenden/
V9.14.016.2026.06.06 2026-05-17 CDLB(1)
V9.14.018.2026.06.07 2026-05-17 CDLB(1)
````
# 3. Booting
docs/MAN_CISS_ISO_BOOT_CHAIN.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. CISS.debian.live.builder Boot & Trust Chain (Technical Documentation)
docs/MAN_SSH_Host_Key_Policy.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. SSH Host Key Policy CISS.debian.live.builder / CISS.debian.installer
docs/REFERENCES.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. Resources
docs/documentation/30-ciss-hardening.conf.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. ``30-ciss-hardening.conf``
docs/documentation/90-ciss-local.hardened.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. ``90-ciss-local.hardened``
docs/documentation/ciss_live_builder.sh.md
+1 -1
View File
@@ -8,7 +8,7 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.016.2026.06.06<br>
**Build**: V9.14.018.2026.06.07<br>
# 2. ``ciss_live_builder.sh``