a

2026-05-11 09:15:08 +02:00
parent 9bec2b9e42
commit 404ee3fec4
641 changed files with 416825 additions and 0 deletions
@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+pmask="0133"
+maxperm="$(printf '%o' $((0777 & ~$pmask)))"
+
+find -L /etc/ssh -type f 2>/dev/null | while IFS= read -r file; do
+	if ssh-keygen -lf "$file" &>/dev/null && file "$file" | grep -qi 'OpenSSH.*public key'; then
+		read -r mode owner group < <(stat -Lc '%#a %U %G' "$file")
+		[ $((mode & pmask)) -gt 0 ] && exit 1
+		[ "$owner" != "root" ] && exit 1
+		[ "$group" != "root" ] && exit 1
+	fi
+done