projects
/
mirror
/
dsa-nagios.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
add moar services to wuiet... heavy-exim + xinetd-hosts
[mirror/dsa-nagios.git]
/
dsa-nagios-checks
/
share
/
weak-ssh-keys-check
diff --git
a/dsa-nagios-checks/share/weak-ssh-keys-check
b/dsa-nagios-checks/share/weak-ssh-keys-check
index
a9bd752
..
d6d4f8c
100755
(executable)
--- a/
dsa-nagios-checks/share/weak-ssh-keys-check
+++ b/
dsa-nagios-checks/share/weak-ssh-keys-check
@@
-309,23
+309,26
@@
sub from_debianorg_places () {
my @ak = grep { /^AuthorizedKeysFile\s/i } @lines;
my @ak2 = grep { /^AuthorizedKeysFile2\s/i } @lines;
my @ak = grep { /^AuthorizedKeysFile\s/i } @lines;
my @ak2 = grep { /^AuthorizedKeysFile2\s/i } @lines;
+ my @ak_files;
-
if (scalar @ak != 1
) {
-
print $fh "UNKNOWN\n"
;
-
print $fh "There is more than one AuthorizedKeysFile definition in sshd_config\n"
;
- exit
+
for my $line ((@ak, @ak2)
) {
+
my @file_locations = split /\s+/, $line
;
+
shift @file_locations
;
+ push @ak_files, @file_locations;
}
}
- if (scalar @ak2 != 1) {
+
+ if (scalar @ak_files != 2) {
print $fh "UNKNOWN\n";
print $fh "UNKNOWN\n";
- print $fh "There
is more than one AuthorizedKeysFile2 definition
in sshd_config\n";
+ print $fh "There
should be two locations for User AuthorizedKeysFile defined
in sshd_config\n";
exit
}
exit
}
- unless ($ak[0] =~ m#^((?i)AuthorizedKeysFile)\s+/etc/ssh/userkeys/%u$# ) {
+
+ unless (grep { m#^/etc/ssh/userkeys/%u$# } @ak_files) {
print $fh "UNKNOWN\n";
print $fh "The AuthorizedKeysFile definition has an unexpected value. Should be /etc/ssh/userkeys/%u\n";
exit
}
print $fh "UNKNOWN\n";
print $fh "The AuthorizedKeysFile definition has an unexpected value. Should be /etc/ssh/userkeys/%u\n";
exit
}
- unless (
$ak2[0] =~ m#^((?i)AuthorizedKeysFile2)\s+/var/lib/misc/userkeys/%u$#
) {
+ unless (
grep { m#^/var/lib/misc/userkeys/%u$# } @ak_files
) {
print $fh "UNKNOWN\n";
print $fh "The AuthorizedKeysFile2 definition has an unexpected value. Should be /var/lib/misc/userkeys/%u\n";
exit
print $fh "UNKNOWN\n";
print $fh "The AuthorizedKeysFile2 definition has an unexpected value. Should be /var/lib/misc/userkeys/%u\n";
exit