had inverse logic. fixed. still shouldn't have caused script to error though... hmm...

ProjectCode/Modules/Security/secharden-ssh.sh

@@ -2,12 +2,6 @@
 
 set -x
 
-export framework_include_file
-framework_include_file=""
-
-export project_include_file
-project_include_file=""
-
 for framework_include_file in ../../../Framework-Includes/*; do
   source "$framework_include_file"
 done
@@ -16,12 +10,11 @@ for project_include_file in ../../../Project-Includes/*; do
   source "$project_include_file"
 done
 
-
 export SUBODEV_CHECK
-SUBODEV_CHECK="$(getent passwd|grep -c subodev || true)"
+SUBODEV_CHECK="$(getent passwd | grep -c subodev || true)"
 
 export LOCALUSER_CHECK
-LOCALUSER_CHECK="$(getent passwd|grep -c localuser || true)"
+LOCALUSER_CHECK="$(getent passwd | grep -c localuser || true)"
 
 export ROOT_SSH_DIR
 ROOT_SSH_DIR="/root/.ssh"
@@ -32,51 +25,51 @@ LOCALUSER_SSH_DIR="/home/localuser/.ssh"
 export SUBODEV_SSH_DIR
 SUBODEV_SSH_DIR="/home/subodev/.ssh"
 
-if [ ! -d $ROOT_SSH_DIR ]; then 
-  mkdir /root/.ssh/ 
-fi 
+export NOT_UBUNTU_CHECK
+NOT_UBUNTU_CHECK="$(distro | grep -c -v Ubuntu)"
 
-curl --silent "${DL_ROOT}"/ProjectCode/ConfigFiles/SSH/AuthorizedKeys/root-ssh-authorized-keys > /root/.ssh/authorized_keys 
-chmod 400 /root/.ssh/authorized_keys 
+if [ ! -d $ROOT_SSH_DIR ]; then
+  mkdir /root/.ssh/
+fi
+
+curl --silent "${DL_ROOT}"/ProjectCode/ConfigFiles/SSH/AuthorizedKeys/root-ssh-authorized-keys >/root/.ssh/authorized_keys
+chmod 400 /root/.ssh/authorized_keys
 chown root: /root/.ssh/authorized_keys
 
-
 if [ "$LOCALUSER_CHECK" -gt 0 ]; then
-  if [ ! -d $LOCALUSER_SSH_DIR ]; then 
-     mkdir -p /home/localuser/.ssh/
+  if [ ! -d $LOCALUSER_SSH_DIR ]; then
+    mkdir -p /home/localuser/.ssh/
   fi
 
- curl --silent "${DL_ROOT}"/ProjectCode/ConfigFiles/SSH/AuthorizedKeys/localuser-ssh-authorized-keys > /home/localuser/.ssh/authorized_keys \
-  && chown localuser /home/localuser/.ssh/authorized_keys \
-  && chmod 400 /home/localuser/.ssh/authorized_keys
+  curl --silent "${DL_ROOT}"/ProjectCode/ConfigFiles/SSH/AuthorizedKeys/localuser-ssh-authorized-keys >/home/localuser/.ssh/authorized_keys &&
+    chown localuser /home/localuser/.ssh/authorized_keys &&
+    chmod 400 /home/localuser/.ssh/authorized_keys
 fi
 
 if [ "$SUBODEV_CHECK" = 1 ]; then
 
-if [ ! -d $SUBODEV_SSH_DIR ]; then 
-  mkdir /home/subodev/.ssh/ 
+  if [ ! -d $SUBODEV_SSH_DIR ]; then
+    mkdir /home/subodev/.ssh/
+  fi
+
+  curl --silent "${DL_ROOT}"/ProjectCode/ConfigFiles/SSH/AuthorizedKeys/localuser-ssh-authorized-keys >/home/subodev/.ssh/authorized_keys &&
+    chmod 400 /home/subodev/.ssh/authorized_keys &&
+    chown subodev: /home/subodev/.ssh/authorized_keys
 fi
 
-curl --silent "${DL_ROOT}"/ProjectCode/ConfigFiles/SSH/AuthorizedKeys/localuser-ssh-authorized-keys > /home/subodev/.ssh/authorized_keys \
-&& chmod 400 /home/subodev/.ssh/authorized_keys \
-&& chown subodev: /home/subodev/.ssh/authorized_keys
+cat ../../ConfigFiles/SSH/Configs/tsys-sshd-config >/etc/ssh/sshd_config
+
+
+#Don't deploy this config to a ubuntu server, it breaks openssh server. Works on kali/debian.
+
+if [ "$NOT_UBUNTU_CHECK" -eq 1 ]; then
+  cat ../../ConfigFiles/SSH/Configs/ssh-audit-hardening.conf >/etc/ssh/sshd_config.d/ssh-audit_hardening.conf
 fi
 
-cat ../../ConfigFiles/SSH/Configs/tsys-sshd-config > /etc/ssh/sshd_config
-
-export UBUNTU_CHECK
-UBUNTU_CHECK="$(distro|grep -c Ubuntu)"
-
-#Don't deploy this config to a ubuntu server, it breaks openssh server. Works on kali/debian. 
-
-if [ $UBUNTU_CHECK -eq 0 ]; then
-cat ../../ConfigFiles/SSH/Configs/ssh-audit-hardening.conf > /etc/ssh/sshd_config.d/ssh-audit_hardening.conf
-fi
-
-# Perms on sshd_config 
+# Perms on sshd_config
 chmod og-rwx /etc/ssh/sshd_config
 chmod og-rwx /etc/ssh/sshd_config.d/*
 
 #todo
 
-# only strong MAC algos are used
+# only strong MAC algos are used