When checking SSH remediation / fixes prior including them into Fedora,
noticed there's a slight typo in
RHEL6/input/fixes/bash/sshd_disable_root_login.sh:
..
echo "PermitRootLogin "no >> /etc/ssh/sshd_config
..
This by itself wouldn't cause the remediation to fail, but it to be more
consistent with form of other fixes, moved the closing quote at the end
(as assuming that's what was originally intended).
Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Technologies Team
From 7dedf8bfe28b6a8f4adc67f5bae710a26e98f4b4 Mon Sep 17 00:00:00 2001
From: Jan Lieskovsky <[email protected]>
Date: Tue, 17 Dec 2013 10:50:52 +0100
Subject: [PATCH] [RHEL6] Move the closing quote in sshd disable root login
remediation script at the end
Signed-off-by: Jan Lieskovsky <[email protected]>
---
RHEL6/input/fixes/bash/sshd_disable_root_login.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/RHEL6/input/fixes/bash/sshd_disable_root_login.sh b/RHEL6/input/fixes/bash/sshd_disable_root_login.sh
index e8b65aa..4c2816a 100644
--- a/RHEL6/input/fixes/bash/sshd_disable_root_login.sh
+++ b/RHEL6/input/fixes/bash/sshd_disable_root_login.sh
@@ -1,5 +1,5 @@
grep -qi ^PermitRootLogin /etc/ssh/sshd_config && \
sed -i "s/PermitRootLogin.*/PermitRootLogin no/gI" /etc/ssh/sshd_config
if ! [ $? -eq 0 ]; then
- echo "PermitRootLogin "no >> /etc/ssh/sshd_config
+ echo "PermitRootLogin no" >> /etc/ssh/sshd_config
fi
--
1.8.3.1
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
