#! /bin/bash

# script checks SSH (sshd) configuration

. /usr/src/k_framework/main.sh

# ---- VARS -----

VERSION="1.0.0"
SCRIPT_NAME="SSH Checking"

TEST=0   # 1 - do not execute changes

# ---- FUNCTIONS -----


# ---- MAIN -----

k_start

if [ "$TEST" == "1" ]; then
    report "***** TEST MODE ON. Changes will not be applied *****" 8
fi


if cat /etc/ssh/sshd_config | grep -q "PubkeyAuthentication no"; then
    report "PubkeyAuthentication no detected. Authentication by key could be disabled" 1
    EXIT_CODE=1
fi


if cat /etc/ssh/sshd_config | grep -q "#AuthorizedKeysFile"; then
    report "#AuthorizedKeysFile detected. Authentication by key could be disabled" 1
    EXIT_CODE=1
fi


k_exit $EXIT_CODE