From d110a2aa1948d8e17d3b3e79db2ece81010d33c9 Mon Sep 17 00:00:00 2001 From: Thibault Ayanides Date: Fri, 2 Apr 2021 08:56:37 +0200 Subject: [PATCH] Ignore case for sshd conf fix #85 --- bin/hardening/5.2.10_disable_root_login.sh | 6 +++--- bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh | 6 +++--- bin/hardening/5.2.12_disable_sshd_setenv.sh | 6 +++--- bin/hardening/5.2.13_sshd_ciphers.sh | 6 +++--- bin/hardening/5.2.16_sshd_idle_timeout.sh | 6 +++--- bin/hardening/5.2.17_sshd_login_grace_time.sh | 6 +++--- bin/hardening/5.2.18_sshd_limit_access.sh | 6 +++--- bin/hardening/5.2.20_enable_ssh_pam.sh | 6 +++--- bin/hardening/5.2.21_disable_ssh_allow_tcp_forwarding.sh | 6 +++--- bin/hardening/5.2.22_configure_ssh_max_startups.sh | 6 +++--- bin/hardening/5.2.23_limit_ssh_max_sessions.sh | 6 +++--- bin/hardening/5.2.4_sshd_protocol.sh | 6 +++--- bin/hardening/5.2.5_sshd_loglevel.sh | 2 +- bin/hardening/5.2.6_disable_x11_forwarding.sh | 4 ++-- bin/hardening/5.2.7_sshd_maxauthtries.sh | 6 +++--- bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh | 6 +++--- bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh | 6 +++--- 17 files changed, 48 insertions(+), 48 deletions(-) diff --git a/bin/hardening/5.2.10_disable_root_login.sh b/bin/hardening/5.2.10_disable_root_login.sh index bc2f2af..1972124 100755 --- a/bin/hardening/5.2.10_disable_root_login.sh +++ b/bin/hardening/5.2.10_disable_root_login.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^$SSH_PARAM" + does_pattern_exist_in_file_nocase "$FILE" "^$SSH_PARAM" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh b/bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh index 1200613..22d4297 100755 --- a/bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh +++ b/bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.12_disable_sshd_setenv.sh b/bin/hardening/5.2.12_disable_sshd_setenv.sh index 09c1066..e6be4d1 100755 --- a/bin/hardening/5.2.12_disable_sshd_setenv.sh +++ b/bin/hardening/5.2.12_disable_sshd_setenv.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.13_sshd_ciphers.sh b/bin/hardening/5.2.13_sshd_ciphers.sh index cdfb18e..81447d5 100755 --- a/bin/hardening/5.2.13_sshd_ciphers.sh +++ b/bin/hardening/5.2.13_sshd_ciphers.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.16_sshd_idle_timeout.sh b/bin/hardening/5.2.16_sshd_idle_timeout.sh index d6c82da..93b7ca2 100755 --- a/bin/hardening/5.2.16_sshd_idle_timeout.sh +++ b/bin/hardening/5.2.16_sshd_idle_timeout.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.17_sshd_login_grace_time.sh b/bin/hardening/5.2.17_sshd_login_grace_time.sh index 6dada4e..4d698bc 100755 --- a/bin/hardening/5.2.17_sshd_login_grace_time.sh +++ b/bin/hardening/5.2.17_sshd_login_grace_time.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file $FILE "$PATTERN" + does_pattern_exist_in_file_nocase $FILE "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.18_sshd_limit_access.sh b/bin/hardening/5.2.18_sshd_limit_access.sh index 7a1d04d..1a5916b 100755 --- a/bin/hardening/5.2.18_sshd_limit_access.sh +++ b/bin/hardening/5.2.18_sshd_limit_access.sh @@ -34,7 +34,7 @@ audit() { # shellcheck disable=SC2001 SSH_VALUE=$(sed "s/'//g" <<<"$SSH_VALUE") PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -59,12 +59,12 @@ apply() { # shellcheck disable=SC2001 SSH_VALUE=$(sed "s/'//g" <<<"$SSH_VALUE") PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.20_enable_ssh_pam.sh b/bin/hardening/5.2.20_enable_ssh_pam.sh index 9de1523..1ddf034 100755 --- a/bin/hardening/5.2.20_enable_ssh_pam.sh +++ b/bin/hardening/5.2.20_enable_ssh_pam.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file $FILE "$PATTERN" + does_pattern_exist_in_file_nocase $FILE "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.21_disable_ssh_allow_tcp_forwarding.sh b/bin/hardening/5.2.21_disable_ssh_allow_tcp_forwarding.sh index 5eae6e8..0668724 100755 --- a/bin/hardening/5.2.21_disable_ssh_allow_tcp_forwarding.sh +++ b/bin/hardening/5.2.21_disable_ssh_allow_tcp_forwarding.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file $FILE "$PATTERN" + does_pattern_exist_in_file_nocase $FILE "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.22_configure_ssh_max_startups.sh b/bin/hardening/5.2.22_configure_ssh_max_startups.sh index 527a53b..2f45d8d 100755 --- a/bin/hardening/5.2.22_configure_ssh_max_startups.sh +++ b/bin/hardening/5.2.22_configure_ssh_max_startups.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file $FILE "$PATTERN" + does_pattern_exist_in_file_nocase $FILE "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.23_limit_ssh_max_sessions.sh b/bin/hardening/5.2.23_limit_ssh_max_sessions.sh index 16ff59a..ae18ac1 100755 --- a/bin/hardening/5.2.23_limit_ssh_max_sessions.sh +++ b/bin/hardening/5.2.23_limit_ssh_max_sessions.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file $FILE "$PATTERN" + does_pattern_exist_in_file_nocase $FILE "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.4_sshd_protocol.sh b/bin/hardening/5.2.4_sshd_protocol.sh index c34b3ac..03a8fda 100755 --- a/bin/hardening/5.2.4_sshd_protocol.sh +++ b/bin/hardening/5.2.4_sshd_protocol.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.5_sshd_loglevel.sh b/bin/hardening/5.2.5_sshd_loglevel.sh index e45280b..ee47d8f 100755 --- a/bin/hardening/5.2.5_sshd_loglevel.sh +++ b/bin/hardening/5.2.5_sshd_loglevel.sh @@ -61,7 +61,7 @@ apply() { ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.6_disable_x11_forwarding.sh b/bin/hardening/5.2.6_disable_x11_forwarding.sh index 8751ed6..4cf04ad 100755 --- a/bin/hardening/5.2.6_disable_x11_forwarding.sh +++ b/bin/hardening/5.2.6_disable_x11_forwarding.sh @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.7_sshd_maxauthtries.sh b/bin/hardening/5.2.7_sshd_maxauthtries.sh index 5f95af7..3dd4f6d 100755 --- a/bin/hardening/5.2.7_sshd_maxauthtries.sh +++ b/bin/hardening/5.2.7_sshd_maxauthtries.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh b/bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh index db7a7a1..bd92396 100755 --- a/bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh +++ b/bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else diff --git a/bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh b/bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh index 42a26b4..0ef03a4 100755 --- a/bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh +++ b/bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh @@ -32,7 +32,7 @@ audit() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else @@ -55,12 +55,12 @@ apply() { SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1) SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2) PATTERN="^${SSH_PARAM}[[:space:]]*$SSH_VALUE" - does_pattern_exist_in_file "$FILE" "$PATTERN" + does_pattern_exist_in_file_nocase "$FILE" "$PATTERN" if [ "$FNRET" = 0 ]; then ok "$PATTERN is present in $FILE" else warn "$PATTERN is not present in $FILE, adding it" - does_pattern_exist_in_file "$FILE" "^${SSH_PARAM}" + does_pattern_exist_in_file_nocase "$FILE" "^${SSH_PARAM}" if [ "$FNRET" != 0 ]; then add_end_of_file "$FILE" "$SSH_PARAM $SSH_VALUE" else