Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #############################################
- # SSH Parameter
- {"Protocol" => "2", "LogLevel" => "INFO", "MaxAuthTries" => "4", "IgnoreRhosts" => "yes", "HostbasedAuthentication" => "no", "PermitRootLogin" => "no", "PermitEmptyPasswords" => "no", "Banner" => "/etc/issue.net"}.each do |param, value|
- cfg_file = "/etc/ssh/sshd_config"
- replace_line_re = /^#{param}.*/
- insert_line_text = replace_line_text = "#{param} #{value}"
- insert_line_re = /^#{replace_line_text}/
- ruby_block "CIS: SSHd Parameter modifizieren. " + param + " => " + value do
- block do
- fe = Chef::Util::FileEdit.new(cfg_file)
- # Alte Werte durch neue Werte ersetzen
- fe.search_file_replace_line(replace_line_re, replace_line_text)
- # Zeile mit neuem Wert am Ende der Datei einfügen - falls nicht schon vorhanden
- fe.insert_line_if_no_match(insert_line_re, insert_line_text)
- # Datei schreiben
- fe.write_file
- end # of block do
- notifies :reload, "service[ssh]", :delayed
- end # of ruby_block "CIS: SSHd Parameter modifizieren. " + param + " => " + value do
- end # of {"Protocol" => "2", "LogLevel" => "INFO", "MaxAuthTries" => "4", "IgnoreRhosts" => "yes", "HostbasedAuthentication" => "no", "PermitRootLogin" => "no", "PermitEmptyPasswords" => "no", "Banner" => "/etc/issue.net"}.each do |param, value|
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement