diff --git a/tests/hardening/5.2.1_sshd_conf_perm_ownership.sh b/tests/hardening/5.2.1_sshd_conf_perm_ownership.sh
index b333419..589fc96 100644
--- a/tests/hardening/5.2.1_sshd_conf_perm_ownership.sh
+++ b/tests/hardening/5.2.1_sshd_conf_perm_ownership.sh
@@ -6,5 +6,36 @@ test_audit() {
     # shellcheck disable=2154
     run blank /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
 
-    # TODO fill comprehensive tests
+    local test_user="testsshduser"
+    local test_file="/etc/ssh/sshd_config"
+
+    describe Tests purposely failing
+    chmod 777 $test_file
+    register_test retvalshouldbe 1
+    register_test contain "permissions were not set to"
+    run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+
+    describe correcting situation
+    sed  -i 's/audit/enabled/' /opt/debian-cis/etc/conf.d/"${script}".cfg
+    /opt/debian-cis/bin/hardening/"${script}".sh --apply || true
+
+    describe Tests purposely failing
+    useradd $test_user
+    chown $test_user:$test_user $test_file
+    register_test retvalshouldbe 1
+    register_test contain "ownership was not set to"
+    run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+
+    describe correcting situation
+    sed  -i 's/audit/enabled/' /opt/debian-cis/etc/conf.d/"${script}".cfg
+    /opt/debian-cis/bin/hardening/"${script}".sh --apply || true
+
+    describe Checking resolved state
+    register_test retvalshouldbe 0
+    register_test contain "has correct permissions"
+    register_test contain "has correct ownership"
+    run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+
+    # Cleanup
+    userdel $test_user
 }
diff --git a/tests/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh b/tests/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh
index b333419..cc095a5 100755
--- a/tests/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh
+++ b/tests/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh
@@ -6,5 +6,38 @@ test_audit() {
     # shellcheck disable=2154
     run blank /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
 
-    # TODO fill comprehensive tests
+    local test_user="testsshduser"
+    local test_file="/etc/ssh/ssh_host_test_key"
+
+    touch $test_file
+
+    describe Tests purposely failing
+    chmod 777 $test_file
+    register_test retvalshouldbe 1
+    register_test contain "permissions were not set to"
+    run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+
+    describe correcting situation
+    sed  -i 's/audit/enabled/' /opt/debian-cis/etc/conf.d/"${script}".cfg
+    /opt/debian-cis/bin/hardening/"${script}".sh --apply || true
+
+    describe Tests purposely failing
+    useradd $test_user
+    chown $test_user:$test_user $test_file
+    register_test retvalshouldbe 1
+    register_test contain "ownership was not set to"
+    run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+
+    describe correcting situation
+    sed  -i 's/audit/enabled/' /opt/debian-cis/etc/conf.d/"${script}".cfg
+    /opt/debian-cis/bin/hardening/"${script}".sh --apply || true
+
+    describe Checking resolved state
+    register_test retvalshouldbe 0
+    register_test contain "SSH private keys in /etc/ssh have correct permissions"
+    register_test contain "SSH private keys in /etc/ssh have correct ownership"
+    run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+
+    # Cleanup
+    userdel $test_user
 }
diff --git a/tests/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh b/tests/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh
index b333419..7eb3778 100755
--- a/tests/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh
+++ b/tests/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh
@@ -6,5 +6,38 @@ test_audit() {
     # shellcheck disable=2154
     run blank /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
 
-    # TODO fill comprehensive tests
+    local test_user="testsshduser"
+    local test_file="/etc/ssh/ssh_host_test_key.pub"
+
+    touch $test_file
+
+    describe Tests purposely failing
+    chmod 777 $test_file
+    register_test retvalshouldbe 1
+    register_test contain "permissions were not set to"
+    run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+
+    describe correcting situation
+    sed  -i 's/audit/enabled/' /opt/debian-cis/etc/conf.d/"${script}".cfg
+    /opt/debian-cis/bin/hardening/"${script}".sh --apply || true
+
+    describe Tests purposely failing
+    useradd $test_user
+    chown $test_user:$test_user $test_file
+    register_test retvalshouldbe 1
+    register_test contain "ownership was not set to"
+    run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+
+    describe correcting situation
+    sed  -i 's/audit/enabled/' /opt/debian-cis/etc/conf.d/"${script}".cfg
+    /opt/debian-cis/bin/hardening/"${script}".sh --apply || true
+
+    describe Checking resolved state
+    register_test retvalshouldbe 0
+    register_test contain "SSH public keys in /etc/ssh have correct permissions"
+    register_test contain "SSH public keys in /etc/ssh have correct ownership"
+    run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+
+    # Cleanup
+    userdel $test_user
 }