check-ssh-ciphers.sh 446B

123456789101112
  1. #!/bin/bash
  2. FIPS="aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc"
  3. cipher=$(sed -e '/^#/d' -e '/^[ \t][ \t]*#/d' -e 's/#.*$//' -e '/^$/d' /etc/ssh/sshd_config | grep -i "Ciphers")
  4. if [ $? -eq 0 ];then
  5. echo $cipher | sed -e 's/Ciphers//' | tr "," "\n" | while read line;do
  6. if ! echo $FIPS | grep $line;then
  7. exit 1
  8. fi
  9. done
  10. else
  11. exit 1
  12. fi