Browse Source

test(config_spec): verify /etc/ssh/ssh_known_hosts

tags/v1.2.1
Daniel Dehennin 4 years ago
parent
commit
06ef24b8e1
1 changed files with 16 additions and 0 deletions
  1. +16
    -0
      test/integration/default/controls/config_spec.rb

+ 16
- 0
test/integration/default/controls/config_spec.rb View File

@@ -9,6 +9,11 @@ root_group =
'root'
end

github_known_host = 'github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGm[...]'
gitlab_known_host_re = /gitlab.com,[0-9a-f.:,]* ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABA/
minion_rsa_known_host = 'minion.id,alias.of.minion.id ssh-rsa [...]'
minion_ed25519_known_host = 'minion.id,alias.of.minion.id ssh-ed25519 [...]'

control 'openssh configuration' do
title 'should match desired lines'

@@ -35,4 +40,15 @@ control 'openssh configuration' do
its('content') { should include ' HashKnownHosts yes' }
its('content') { should include ' SendEnv LANG LC_*' }
end

describe file('/etc/ssh/ssh_known_hosts') do
it { should be_file }
its('mode') { should cmp '0644' }
it { should be_owned_by 'root' }
it { should be_grouped_into 'root' }
its('content') { should include github_known_host }
its('content') { should match(gitlab_known_host_re) }
its('content') { should include minion_rsa_known_host }
its('content') { should include minion_ed25519_known_host }
end
end

Loading…
Cancel
Save