Puppet Class: almalinux_hardening::services::ssh::keys

Defined in:
manifests/services/ssh/keys.pp

Summary

Verify Permissions on SSH Server Public *.pub Key Files

Overview

Puppet Module to perform AlmaLinux 8 OS Hardening with CIS benchmark. Copyright © 2022 Jonas Hügli

Examples:

include almalinux_hardening::services::ssh::keys


17
18
19
20
21
22
23
24
25
 
# File 'manifests/services/ssh/keys.pp', line 17

class almalinux_hardening::services::ssh::keys {
  if $almalinux_hardening::enable_ssh_keys {
    exec { 'ssh_keys':
      path    => '/usr/bin:/bin:/usr/sbin',
      command => 'find /etc/ssh -name "*.pub" -type f -not -perm 640 -exec chmod 0640 {} \;',
      unless  => 'find /etc/ssh -name "*.pub" -type f -not -perm 640 | wc -l | grep -q -E "^0$"',
    }
  }
}