mirror of
https://github.com/CISOfy/lynis.git
synced 2025-07-30 09:14:18 +02:00
Create a version 2 host ID
This commit is contained in:
Michael Boelen
parent
9f14495d70
commit
788ab9999d
@ -741,19 +741,16 @@
|
|||||||
FIND=`${IFCONFIGBINARY} ${I} | grep ether | awk '{ if ($1=="ether") { print $2 }}'`
|
FIND=`${IFCONFIGBINARY} ${I} | grep ether | awk '{ if ($1=="ether") { print $2 }}'`
|
||||||
if [ ! "${SHA1SUMBINARY}" = "" ]; then
|
if [ ! "${SHA1SUMBINARY}" = "" ]; then
|
||||||
HOSTID=`echo ${FIND} | ${SHA1SUMBINARY} | awk '{ print $1 }'`
|
HOSTID=`echo ${FIND} | ${SHA1SUMBINARY} | awk '{ print $1 }'`
|
||||||
|
elif [ ! "${OPENSSLBINARY}" = "" ]; then
|
||||||
|
HOSTID=`echo ${FIND} | ${OPENSSLBINARY} sha -sha1 | awk '{ print $2 }'`
|
||||||
else
|
else
|
||||||
if [ ! "${OPENSSLBINARY}" = "" ]; then
|
ReportException "GetHostID" "Can not find sha1/sha1sum or openssl"
|
||||||
HOSTID=`echo ${FIND} | ${OPENSSLBINARY} sha -sha1 | awk '{ print $2 }'`
|
|
||||||
else
|
|
||||||
ReportException "GetHostID" "Can not find sha1/sha1sum or openssl"
|
|
||||||
fi
|
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
ReportException "GetHostID" "No interface found op Solaris to create HostID"
|
ReportException "GetHostID" "No interface found op Solaris to create HostID"
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
|
|
||||||
|
|
||||||
*)
|
*)
|
||||||
ReportException "GetHostID" "Can't create HOSTID as OS is not supported yet by this function"
|
ReportException "GetHostID" "Can't create HOSTID as OS is not supported yet by this function"
|
||||||
;;
|
;;
|
||||||
@ -805,6 +802,43 @@
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# New style host ID
|
||||||
|
if [ "${HOSTID2}" = "" ]; then
|
||||||
|
|
||||||
|
LogText "Info: creating a HostID (version 2)"
|
||||||
|
FOUND=0
|
||||||
|
DATA_SSH=""
|
||||||
|
# Use public keys
|
||||||
|
SSH_KEY_FILES="ssh_host_ed25519_key.pub ssh_host_ecdsa_key.pub ssh_host_dsa_key.pub ssh_host_rsa_key.pub"
|
||||||
|
if [ -d /etc/ssh ]; then
|
||||||
|
for I in ${SSH_KEY_FILES}; do
|
||||||
|
if [ ${FOUND} -eq 0 ]; then
|
||||||
|
if [ -f /etc/ssh/${I} ]; then
|
||||||
|
LogText "Result: found file ${I} in /etc/ssh"
|
||||||
|
DATA_SSH=$(cat /etc/ssh/${I})
|
||||||
|
FOUND=1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
LogText "Result: no /etc/ssh directory found, skipping"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! "${DATA_SSH}" = "" ]; then
|
||||||
|
# Create hashes
|
||||||
|
if [ ! "${SHA256SUMBINARY}" = "" ]; then
|
||||||
|
HASH_SSH=$(echo ${DATA_SSH} | ${SHA256SUMBINARY} | awk '{ print $1 }')
|
||||||
|
HASH_HOSTNAME=$(echo ${HOSTNAME} | ${SHA256SUMBINARY} | awk '{ print $1 }')
|
||||||
|
elif [ ! "${OPENSSLBINARY}" = "" ]; then
|
||||||
|
HASH_SSH=$(echo ${DATA_SSH} | ${OPENSSLBINARY} sha -sha256 | awk '{ print $2 }')
|
||||||
|
HASH_HOSTNAME=$(echo ${HOSTNAME} | ${OPENSSLBINARY} sha -sha256 | awk '{ print $2 }')
|
||||||
|
fi
|
||||||
|
LogText "Hash (hostname): ${HASH_HOSTNAME}"
|
||||||
|
LogText "Hash (ssh): ${HASH_SSH}"
|
||||||
|
Report "hostid2=${HASH_HOSTNAME}-${HASH_SSH}"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
# Show an exception if no HostID could be created, to ensure each system (and scan) has one
|
# Show an exception if no HostID could be created, to ensure each system (and scan) has one
|
||||||
if [ "${HOSTID}" = "" ]; then
|
if [ "${HOSTID}" = "" ]; then
|
||||||
ReportException "GetHostID" "No unique host identifier could be created."
|
ReportException "GetHostID" "No unique host identifier could be created."
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user