Siv0

**Name of the Vulnerable Software and Affected Versions** The Bastion (affected versions not specified) **Description** The Bastion provides authentication, authorization, traceability, and auditability for SSH accesses. Session-recording ttyrec files are handled by the provided `osh-encrypt-rsync` script, which is used to rotate, encrypt, sign, copy, and optionally move them to remote storage. The script rotates and encrypts the files using the provided GPG key(s) but silently fails to sign them, even when signing is requested. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.