X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=dsa-nagios-checks%2Fshare%2Fweak-ssh-keys-check;h=d6d4f8c67bfe693d02e4fc770b5cdb8c5cda9c5e;hb=97b1b99a844673cf616566005f2edc0832451910;hp=a9bd75239814b91c07c1744cd5066d849d3f2e34;hpb=d694c4df7b6cb7af2a09b98430729deefb64c69a;p=mirror%2Fdsa-nagios.git

diff --git a/dsa-nagios-checks/share/weak-ssh-keys-check b/dsa-nagios-checks/share/weak-ssh-keys-check
index a9bd752..d6d4f8c 100755
--- a/dsa-nagios-checks/share/weak-ssh-keys-check
+++ b/dsa-nagios-checks/share/weak-ssh-keys-check
@@ -309,23 +309,26 @@ sub from_debianorg_places () {
 
     my @ak = grep { /^AuthorizedKeysFile\s/i } @lines;
     my @ak2 = grep { /^AuthorizedKeysFile2\s/i } @lines;
+    my @ak_files;
 
-    if (scalar @ak != 1) {
-	print $fh "UNKNOWN\n";
-	print $fh "There is more than one AuthorizedKeysFile definition in sshd_config\n";
-	exit
+    for my $line ((@ak, @ak2)) {
+	    my @file_locations = split /\s+/, $line;
+	    shift @file_locations;
+	    push @ak_files, @file_locations;
     }
-    if (scalar @ak2 != 1) {
+
+    if (scalar @ak_files != 2) {
 	print $fh "UNKNOWN\n";
-	print $fh "There is more than one AuthorizedKeysFile2 definition in sshd_config\n";
+	print $fh "There should be two locations for User AuthorizedKeysFile defined in sshd_config\n";
 	exit
     }
-    unless ($ak[0] =~ m#^((?i)AuthorizedKeysFile)\s+/etc/ssh/userkeys/%u$# ) {
+
+    unless (grep { m#^/etc/ssh/userkeys/%u$# } @ak_files) {
 	print $fh "UNKNOWN\n";
 	print $fh "The AuthorizedKeysFile definition has an unexpected value.  Should be /etc/ssh/userkeys/%u\n";
 	exit
     }
-    unless ($ak2[0] =~ m#^((?i)AuthorizedKeysFile2)\s+/var/lib/misc/userkeys/%u$# ) {
+    unless (grep { m#^/var/lib/misc/userkeys/%u$# } @ak_files) {
 	print $fh "UNKNOWN\n";
 	print $fh "The AuthorizedKeysFile2 definition has an unexpected value.  Should be /var/lib/misc/userkeys/%u\n";
 	exit