Modify Ubuntu bash remediation for sshd_use_approved_macs_ordered_stig

The remediation now uses the bash_sshd_remediation macro and the sshd_approved_macs variable.
ComplianceAsCode · May 9, 2024 · 63f543d · 63f543d
1 parent 41f8ab7
commit 63f543d
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/bash/shared.sh b/linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs_ordered_stig/bash/shared.sh
@@ -1,6 +1,12 @@
 # platform = Red Hat Enterprise Linux 7,Oracle Linux 7,multi_platform_sle,multi_platform_ubuntu
+
+{{%- if 'ubuntu' in product %}}
+{{{ bash_instantiate_variables('sshd_approved_macs') }}}
+{{{ bash_sshd_remediation(parameter="MACs", value="$sshd_approved_macs", config_is_distributed=sshd_distributed_config) }}}
+{{%- else %}}
 if grep -q -P '^\s*MACs\s+' /etc/ssh/sshd_config; then
   sed -i 's/^\s*MACs.*/MACs hmac-sha2-512,hmac-sha2-256/' /etc/ssh/sshd_config
 else
   echo "MACs hmac-sha2-512,hmac-sha2-256" >> /etc/ssh/sshd_config
 fi
+{{%- endif %}}