rpms / scap-security-guide

Clone
Source Code
GIT

Blame SOURCES/scap-security-guide-0.1.65-stig_rhel8_sshd_disable_compression-PR_9798.patch

c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   f6303c6fb4f0faac5938f1045bc4fd02351b4455
  2.   SOURCES
  3.   scap-security-guide-0.1.65-stig_rhel8_sshd_disable_compression-PR_9798.patch
Blob History Raw
f6303c 
From 93b9ab4f532710a8c063d7a71cbbeee26be2470b Mon Sep 17 00:00:00 2001
f6303c 
From: Watson Sato <wsato@redhat.com>
f6303c 
Date: Tue, 8 Nov 2022 18:01:17 +0100
f6303c 
Subject: [PATCH] Add test for param conflicts for SSH compression
f6303c
f6303c 
---
f6303c 
 .../tests/param_conflict.fail.sh                  | 13 +++++++++++++
f6303c 
 .../tests/param_conflict_directory.fail.sh        | 15 +++++++++++++++
f6303c 
 2 files changed, 28 insertions(+)
f6303c 
 create mode 100644 linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict.fail.sh
f6303c 
 create mode 100644 linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict_directory.fail.sh
f6303c
f6303c 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict.fail.sh
f6303c 
new file mode 100644
f6303c 
index 00000000000..a631b3207bd
f6303c 
--- /dev/null
f6303c 
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict.fail.sh
f6303c 
@@ -0,0 +1,13 @@
f6303c 
+#!/bin/bash
f6303c 
+
f6303c 
+SSHD_PARAM="Compression"
f6303c 
+
f6303c 
+mkdir -p /etc/ssh/sshd_config.d
f6303c 
+touch /etc/ssh/sshd_config.d/nothing
f6303c 
+
f6303c 
+if grep -q "^\s*${SSHD_PARAM}" /etc/ssh/sshd_config /etc/ssh/sshd_config.d/* ; then
f6303c 
+    sed -i "/^\s*${SSHD_PARAM}.*/Id" /etc/ssh/sshd_config /etc/ssh/sshd_config.d/*
f6303c 
+fi
f6303c 
+
f6303c 
+echo "${SSHD_PARAM} no" >> /etc/ssh/sshd_config
f6303c 
+echo "${SSHD_PARAM} yes" >> /etc/ssh/sshd_config
f6303c 
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict_directory.fail.sh
f6303c 
new file mode 100644
f6303c 
index 00000000000..f1c15c139c7
f6303c 
--- /dev/null
f6303c 
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict_directory.fail.sh
f6303c 
@@ -0,0 +1,15 @@
f6303c 
+#!/bin/bash
f6303c 
+
f6303c 
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 9
f6303c 
+
f6303c 
+SSHD_PARAM="Compression"
f6303c 
+
f6303c 
+mkdir -p /etc/ssh/sshd_config.d
f6303c 
+touch /etc/ssh/sshd_config.d/nothing
f6303c 
+
f6303c 
+if grep -q "^\s*${SSHD_PARAM}" /etc/ssh/sshd_config /etc/ssh/sshd_config.d/* ; then
f6303c 
+   sed -i "/^\s*${SSHD_PARAM}.*/Id" /etc/ssh/sshd_config /etc/ssh/sshd_config.d/*
f6303c 
+fi
f6303c 
+
f6303c 
+echo "${SSHD_PARAM} no" > /etc/ssh/sshd_config.d/good_config.conf
f6303c 
+echo "${SSHD_PARAM} yes" > /etc/ssh/sshd_config.d/bad_config.conf

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation