Saltstack Official OpenSSH Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

39 lines
1.2KB

  1. # frozen_string_literal: true
  2. # Overide by Platform
  3. root_group =
  4. case platform[:family]
  5. when 'bsd'
  6. 'wheel'
  7. else
  8. 'root'
  9. end
  10. control 'openssh configuration' do
  11. title 'should match desired lines'
  12. describe file('/etc/ssh/sshd_config') do
  13. it { should be_file }
  14. its('mode') { should cmp '0644' }
  15. it { should be_owned_by 'root' }
  16. it { should be_grouped_into root_group }
  17. its('content') { should include 'ChallengeResponseAuthentication no' }
  18. its('content') { should include 'X11Forwarding yes' }
  19. its('content') { should include 'PrintMotd no' }
  20. its('content') { should include 'AcceptEnv LANG LC_*' }
  21. its('content') { should include 'Subsystem sftp /usr/lib/openssh/sftp-server' }
  22. its('content') { should include 'UsePAM yes' }
  23. end
  24. describe file('/etc/ssh/ssh_config') do
  25. it { should be_file }
  26. its('mode') { should cmp '0644' }
  27. it { should be_owned_by 'root' }
  28. it { should be_grouped_into root_group }
  29. its('content') { should include 'Host *' }
  30. its('content') { should include ' GSSAPIAuthentication yes' }
  31. its('content') { should include ' HashKnownHosts yes' }
  32. its('content') { should include ' SendEnv LANG LC_*' }
  33. end
  34. end