movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-14 06:00:33 +03:00
Code Activity

ssh-audit: add test of audited configuration

Browse source 
On current nixpkgs, no modifications to the server settings were
necessary to pass the audit. However, some of the client algorithms were
considered insecure. The client configuration lists all algorithms which
were listed as acceptable by `ssh-audit`.

This can be used as an example of a configuration currently considered
acceptable by `ssh-audit`, and verifies that such a configuration
results in a compatible client/server configuration.

Beware that this test will continue passing when future versions of
`ssh-audit` add support for new algorithms. In other words, the example
configuration represents a subset of what the current version of
`ssh-audit` would consider acceptable.
This commit is contained in:
Victor Engmark 2023-10-16 21:31:39 +13:00 committed by Artturin
parent 3e8e178218
commit c15e1f61b0
3 changed files with 109 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
nixos/tests/all-tests.nix
View file

@ -750,6 +750,7 @@ in {
spark = handleTestOn [ "x86_64-linux" "aarch64-linux" ] ./spark {};
sqlite3-to-mysql = handleTest ./sqlite3-to-mysql.nix {};
sslh = handleTest ./sslh.nix {};
ssh-audit = handleTest ./ssh-audit.nix {};
sssd = handleTestOn [ "x86_64-linux" "aarch64-linux" ] ./sssd.nix {};
sssd-ldap = handleTestOn [ "x86_64-linux" "aarch64-linux" ] ./sssd-ldap.nix {};
stalwart-mail = handleTest ./stalwart-mail.nix {};