Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKamil Boratyński <kamil.boratynski@icloud.com>2015-12-03 03:41:07 +0300
committerKamil Boratyński <kamil.boratynski@icloud.com>2015-12-03 04:29:56 +0300
commita07c7ae4f901cf341330784f3a6914d9972b4303 (patch)
treeee5b8d5aa9a34196185be72fc35dd8314bb1d212 /include/tests_ssh
parentdcd8f8925666dfc70ef8ea01f6396ecbb130228b (diff)
Moved [SSH-7412] into [SSH-7408].
Diffstat (limited to 'include/tests_ssh')
-rw-r--r--include/tests_ssh35
1 files changed, 2 insertions, 33 deletions
diff --git a/include/tests_ssh b/include/tests_ssh
index 9afebd6d..e985e2ce 100644
--- a/include/tests_ssh
+++ b/include/tests_ssh
@@ -90,7 +90,8 @@
## <OptionName>:<ExpectedValue>,<MediumScoreValue>,<WrongValue>
## Example:
## PermitRootLogin:NO,WITHOUT-PASSWORD,YES
- SSHOPS="Protocol:2,,1"
+ SSHOPS="Protocol:2,,1\
+ PermitRootLogin:NO,WITHOUT-PASSWORD,YES"
for I in ${SSHOPS};
do
@@ -140,38 +141,6 @@
#
#################################################################################
#
- # Test : SSH-7412
- # Description : Check SSH PermitRootLogin option
- if [ ${SSH_DAEMON_RUNNING} -eq 1 -a ! "${SSH_DAEMON_CONFIG}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no SSH-7412 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check SSH option: PermitRootLogin"
- if [ ${SKIPTEST} -eq 0 ]; then
- logtext "Test: check PermitRootLogin option"
- FIND=`awk '/^PermitRootLogin/ { print $2 }' ${SSH_DAEMON_CONFIG}`
- if [ "${FIND}" = "yes" -o "${FIND}" = "YES" -o "${FIND}" = "Yes" ]; then
- logtext "Result: PermitRootLogin is enabled, root can login directly"
- Display --indent 4 --text "- SSH option: PermitRootLogin" --result WARNING --color RED
- ReportWarning ${TEST_NO} "M" "Root can directly login via SSH"
- AddHP 0 3
- else
- # YYY add test for DenyUsers root
- if [ "${FIND}" = "no" -o "${FIND}" = "No" ]; then
- logtext "Result: PermitRootLogin is disabled. Root can't login directly"
- Display --indent 4 --text "- SSH option: PermitRootLogin" --result DISABLED --color GREEN
- AddHP 3 3
- elif [ "${FIND}" = "without-password" ]; then
- # Check if password authentication is disabled for root user, so this option is used properly
- logtext "Result: PermitRootLogin is disabled. Root can't login directly"
- Display --indent 4 --text "- SSH option: PermitRootLogin (without-password)" --result OK --color GREEN
- AddHP 3 3
- else
- logtext "Result: Value of PermitRootLogin is unknown (not defined)"
- Display --indent 4 --text "- SSH option: PermitRootLogin" --result DEFAULT --color WHITE
- fi
- fi
- fi
-#
-#################################################################################
-#
# Test : SSH-7416
# Description : Check SSH StrictModes option
if [ ${SSH_DAEMON_RUNNING} -eq 1 -a ! "${SSH_DAEMON_CONFIG}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi