Merge pull request #123 from jeremy-clerc/root_login

artem-sidorenko · web-flow · commit d2e1fe01ad88 · 2019-02-11T21:28:35.000+01:00
Allow prohibit-password as PermitRootLogin value
diff --git a/controls/sshd_spec.rb b/controls/sshd_spec.rb
@@ -103,7 +103,7 @@
   title 'Server: Do not permit root-based login or do not allow password and keyboard-interactive authentication'
   desc 'Reduce the potential risk to gain full privileges access of the system because of weak password and keyboard-interactive authentication, do not allow logging in as the root user or with password authentication.'
   describe sshd_config do
-    its('PermitRootLogin') { should match(/no|without-password/) }
+    its('PermitRootLogin') { should match(/no|without-password|prohibit-password/) }
   end
 end
 
