usnistgov/macos_security
1
0
Fork 0
mirror of https://github.com/usnistgov/macos_security.git synced 2026-02-03 14:03:24 +00:00
Code Issues 21 Actions Packages Projects Releases Wiki Activity

refactor[script]: remove ssh hostkey generation

Browse Source 
The ssh hostkey generation was needed for older versions of openSSH.  No longer need this to evaluate ssh configuraitons.
This commit is contained in:
Dan Brodjieski
2025-09-12 13:21:20 -04:00
parent 9d6ba54b13
commit 76c33f3188
1 changed files with 0 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
scripts/generate_guidance.py
View File

@@ -945,14 +945,6 @@ if [[ $EUID -ne 0 ]]; then
exit 1
fi
ssh_key_check=0
if /usr/sbin/sshd -T &> /dev/null || /usr/sbin/sshd -G &>/dev/null; then
ssh_key_check=0
else
/usr/bin/ssh-keygen -q -N "" -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key
ssh_key_check=1
fi
# path to PlistBuddy
plb="/usr/libexec/PlistBuddy"
@@ -1514,12 +1506,6 @@ else
read_options
done
fi
if [[ "$ssh_key_check" -ne 0 ]]; then
/bin/rm /etc/ssh/ssh_host_rsa_key
/bin/rm /etc/ssh/ssh_host_rsa_key.pub
ssh_key_check=0
fi
"""
# write out the compliance script