tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1292 from konstruktoid/issue1291 

Only test Compression if sshd version < 7.4
This commit is contained in:
Michael Boelen 2022-10-12 10:51:31 +02:00 committed by GitHub
parent bf4fa9fabf e124499e27
commit 490d39f580
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
include/tests_ssh
View File

@ -135,7 +135,6 @@
SSHOPS="AllowTcpForwarding:NO,LOCAL,YES:=\
ClientAliveCountMax:2,4,16:<\
ClientAliveInterval:300,600,900:<\
Compression:NO,,YES:=\
FingerprintHash:SHA256,MD5,:=\
GatewayPorts:NO,,YES:=\
IgnoreRhosts:YES,,NO:=\
@ -158,12 +157,12 @@
# OpenSSH had some options removed over time. Based on the version we add some additional options to check
if [ ${OPENSSHD_VERSION_MAJOR} -lt 7 ]; then
LogText "Result: added additional options for OpenSSH 6.x and lower"
SSHOPS="${SSHOPS} UsePrivilegeSeparation:SANDBOX,YES,NO:= Protocol:2,,1:="
SSHOPS="${SSHOPS} Compression:(DELAYED|NO),,YES:= UsePrivilegeSeparation:SANDBOX,YES,NO:= Protocol:2,,1:="
elif [ ${OPENSSHD_VERSION_MAJOR} -eq 7 ]; then
# Protocol 1 support removed (OpenSSH 7.4 and later)
if [ ${OPENSSHD_VERSION_MINOR} -lt 4 ]; then
LogText "Result: added additional options for OpenSSH < 7.4"
SSHOPS="${SSHOPS} Protocol:2,,1:="
SSHOPS="${SSHOPS} Compression:(DELAYED|NO),,YES:= Protocol:2,,1:="
fi
# UsePrivilegedSeparation removed (OpenSSH 7.5 and later)
if [ ${OPENSSHD_VERSION_MINOR} -lt 5 ]; then