Last active
June 19, 2018 12:56
-
-
Save tomrgio/7d189d5078234e054230644905da3992 to your computer and use it in GitHub Desktop.
Inspec controls for DevDays Workshops
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # encoding: utf-8 | |
| include_controls 'ssh-baseline' do | |
| skip_control 'sshd-27' | |
| skip_control 'sshd-29' | |
| skip_control 'sshd-46' | |
| end | |
| control 'mycorp-sshd-27' do | |
| impact 1.0 | |
| title 'Server: Enable password based authentication' | |
| describe sshd_config do | |
| its('PasswordAuthentication') { should eq 'yes' } | |
| end | |
| end | |
| control 'mycorp-sshd-29' do | |
| impact 1.0 | |
| title 'Server: Enable ChallengeResponseAuthentication' | |
| describe sshd_config do | |
| its('ChallengeResponseAuthentication') { should eq 'yes' } | |
| end | |
| end | |
| control 'mycorp-sshd-46' do | |
| impact 1.0 | |
| title 'Server: Set Banner' | |
| describe sshd_config do | |
| its('Banner') { should eq '/etc/issue.net' } | |
| end | |
| end | |
| control 'mycorp-sshd-banner-content' do | |
| impact 1.0 | |
| title 'Server: Set Banner content' | |
| describe file('/etc/issue.net') do | |
| its('content') { should match /SUPER SECURE BANNER/ } | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment