go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers-sdk/v1/testutils/testdata/arch.json (about) 1 { 2 "assets": [ 3 { 4 "asset": { 5 "id": "Arch Linux", 6 "platformIDs": [ 7 "archlinux" 8 ], 9 "name": "arch", 10 "arch": "x86_64", 11 "title": "Arch Linux", 12 "family": [ 13 "arch", 14 "linux", 15 "unix", 16 "os" 17 ], 18 "build": "rolling", 19 "version": "rolling" 20 }, 21 "connections": [ 22 { 23 "url": "local://", 24 "provider": "os", 25 "connector": "local", 26 "version": "" 27 }, 28 { 29 "url": "host://", 30 "provider": "network", 31 "connector": "", 32 "version": "" 33 }, 34 { 35 "url": "mock://", 36 "provider": "mockprovider", 37 "connector": "", 38 "version": "" 39 } 40 ], 41 "resources": [ 42 { 43 "Resource": "command", 44 "ID": "mount", 45 "Fields": { 46 "exitcode": { 47 "type": "\u0005", 48 "value": 0 49 }, 50 "stderr": { 51 "type": "\u0007", 52 "value": "" 53 }, 54 "stdout": { 55 "type": "\u0007", 56 "value": "overlay on / type overlay (rw,relatime)\nproc on /proc type proc (rw,nosuid,nodev,noexec,relatime)\ntmpfs on /dev type tmpfs (rw,nosuid,size=65536k,mode=755)" 57 } 58 } 59 }, 60 { 61 "Resource": "file", 62 "ID": "/dummy.array.json", 63 "Fields": { 64 "content": { 65 "type": "\u0007", 66 "value": "[1,\"hi\",{\"ll\": 0},\"z\"]\n" 67 }, 68 "path": { 69 "type": "\u0007", 70 "value": "/dummy.array.json" 71 }, 72 "permissions": { 73 "type": "\u001bfile.permissions", 74 "value": { 75 "Name": "file.permissions", 76 "ID": "-rw-r--r--" 77 } 78 }, 79 "size": { 80 "type": "\u0005", 81 "value": 23 82 } 83 } 84 }, 85 { 86 "Resource": "file", 87 "ID": "/dummy.false.json", 88 "Fields": { 89 "content": { 90 "type": "\u0007", 91 "value": "false\n" 92 }, 93 "path": { 94 "type": "\u0007", 95 "value": "/dummy.false.json" 96 }, 97 "permissions": { 98 "type": "\u001bfile.permissions", 99 "value": { 100 "Name": "file.permissions", 101 "ID": "-rw-r--r--" 102 } 103 }, 104 "size": { 105 "type": "\u0005", 106 "value": 6 107 } 108 } 109 }, 110 { 111 "Resource": "file", 112 "ID": "/dummy.json", 113 "Fields": { 114 "content": { 115 "type": "\u0007", 116 "value": "{\n \"_\": null,\n \"true\": true,\n \"1\": 1,\n \"1.0\": 1.0,\n \"int-array\": [1,2,3],\n \"dict\": {\n \"ee\": 3,\n \"ej\": 4,\n \"ek\": 5\n },\n \"f\": [{\"ff\": 3}],\n \"string-array\": [\"a\", \"b\", \"c\"],\n \"hello\": \"hello\",\n \"date\": \"2016-01-28T23:02:24Z\",\n \"aoa\": [[1, 2], 3]\n}\n" 117 }, 118 "path": { 119 "type": "\u0007", 120 "value": "/dummy.json" 121 }, 122 "permissions": { 123 "type": "\u001bfile.permissions", 124 "value": { 125 "Name": "file.permissions", 126 "ID": "-rw-r--r--" 127 } 128 }, 129 "size": { 130 "type": "\u0005", 131 "value": 266 132 } 133 } 134 }, 135 { 136 "Resource": "file", 137 "ID": "/dummy.null.json", 138 "Fields": { 139 "content": { 140 "type": "\u0007", 141 "value": "null\n" 142 }, 143 "path": { 144 "type": "\u0007", 145 "value": "/dummy.null.json" 146 }, 147 "permissions": { 148 "type": "\u001bfile.permissions", 149 "value": { 150 "Name": "file.permissions", 151 "ID": "-rw-r--r--" 152 } 153 }, 154 "size": { 155 "type": "\u0005", 156 "value": 5 157 } 158 } 159 }, 160 { 161 "Resource": "file", 162 "ID": "/dummy.number.json", 163 "Fields": { 164 "content": { 165 "type": "\u0007", 166 "value": "1.23\n" 167 }, 168 "path": { 169 "type": "\u0007", 170 "value": "/dummy.number.json" 171 }, 172 "permissions": { 173 "type": "\u001bfile.permissions", 174 "value": { 175 "Name": "file.permissions", 176 "ID": "-rw-r--r--" 177 } 178 }, 179 "size": { 180 "type": "\u0005", 181 "value": 5 182 } 183 } 184 }, 185 { 186 "Resource": "file", 187 "ID": "/dummy.plist", 188 "Fields": { 189 "content": { 190 "type": "\u0007", 191 "value": "\u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e\n\u003c!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\"\u003e\n\u003cplist version=\"1.0\"\u003e\n\u003cdict\u003e\n\t\u003ckey\u003eallowdownloadsignedenabled\u003c/key\u003e\n\t\u003cinteger\u003e1\u003c/integer\u003e\n\t\u003ckey\u003eallowsignedenabled\u003c/key\u003e\n\t\u003cinteger\u003e1\u003c/integer\u003e\n\t\u003ckey\u003eapplications\u003c/key\u003e\n\t\u003carray/\u003e\n\t\u003ckey\u003eexceptions\u003c/key\u003e\n\t\u003carray\u003e\n\t\t\u003cdict\u003e\n\t\t\t\u003ckey\u003epath\u003c/key\u003e\n\t\t\t\u003cstring\u003e/usr/libexec/configd\u003c/string\u003e\n\t\t\t\u003ckey\u003estate\u003c/key\u003e\n\t\t\t\u003cinteger\u003e3\u003c/integer\u003e\n\t\t\u003c/dict\u003e\n\t\t\u003cdict\u003e\n\t\t\t\u003ckey\u003ebundleid\u003c/key\u003e\n\t\t\t\u003cstring\u003ecom.apple.EmbeddedOSInstallService\u003c/string\u003e\n\t\t\t\u003ckey\u003epath\u003c/key\u003e\n\t\t\t\u003cstring\u003e/System/Library/PrivateFrameworks/EmbeddedOSInstall.framework/Versions/A/XPCServices/EmbeddedOSInstallService.xpc/\u003c/string\u003e\n\t\t\t\u003ckey\u003estate\u003c/key\u003e\n\t\t\t\u003cinteger\u003e3\u003c/integer\u003e\n\t\t\u003c/dict\u003e\n\t\u003c/array\u003e\n\t\u003ckey\u003eexplicitauths\u003c/key\u003e\n\t\u003carray\u003e\n\t\t\u003cdict\u003e\n\t\t\t\u003ckey\u003eid\u003c/key\u003e\n\t\t\t\u003cstring\u003eorg.python.python.app\u003c/string\u003e\n\t\t\u003c/dict\u003e\n\t\t\u003cdict\u003e\n\t\t\t\u003ckey\u003eid\u003c/key\u003e\n\t\t\t\u003cstring\u003ecom.apple.ksh\u003c/string\u003e\n\t\t\u003c/dict\u003e\n\t\u003c/array\u003e\n\t\u003ckey\u003efirewall\u003c/key\u003e\n\t\u003cdict\u003e\n\t\t\u003ckey\u003eApple Remote Desktop\u003c/key\u003e\n\t\t\u003cdict\u003e\n\t\t\t\u003ckey\u003eproc\u003c/key\u003e\n\t\t\t\u003cstring\u003eAppleVNCServer\u003c/string\u003e\n\t\t\t\u003ckey\u003estate\u003c/key\u003e\n\t\t\t\u003cinteger\u003e0\u003c/integer\u003e\n\t\t\u003c/dict\u003e\n\t\u003c/dict\u003e\n\t\u003ckey\u003eloggingenabled\u003c/key\u003e\n\t\u003cinteger\u003e1\u003c/integer\u003e\n\t\u003ckey\u003eversion\u003c/key\u003e\n\t\u003cstring\u003e1.6\u003c/string\u003e\n\u003c/dict\u003e\n\u003c/plist\u003e\n" 192 }, 193 "path": { 194 "type": "\u0007", 195 "value": "/dummy.plist" 196 }, 197 "permissions": { 198 "type": "\u001bfile.permissions", 199 "value": { 200 "Name": "file.permissions", 201 "ID": "-rw-r--r--" 202 } 203 }, 204 "size": { 205 "type": "\u0005", 206 "value": 1270 207 } 208 } 209 }, 210 { 211 "Resource": "file", 212 "ID": "/dummy.string.json", 213 "Fields": { 214 "content": { 215 "type": "\u0007", 216 "value": "\"hi\"\n" 217 }, 218 "path": { 219 "type": "\u0007", 220 "value": "/dummy.string.json" 221 }, 222 "permissions": { 223 "type": "\u001bfile.permissions", 224 "value": { 225 "Name": "file.permissions", 226 "ID": "-rw-r--r--" 227 } 228 }, 229 "size": { 230 "type": "\u0005", 231 "value": 5 232 } 233 } 234 }, 235 { 236 "Resource": "file", 237 "ID": "/dummy.true.json", 238 "Fields": { 239 "content": { 240 "type": "\u0007", 241 "value": "true\n" 242 }, 243 "path": { 244 "type": "\u0007", 245 "value": "/dummy.true.json" 246 }, 247 "permissions": { 248 "type": "\u001bfile.permissions", 249 "value": { 250 "Name": "file.permissions", 251 "ID": "-rw-r--r--" 252 } 253 }, 254 "size": { 255 "type": "\u0005", 256 "value": 5 257 } 258 } 259 }, 260 { 261 "Resource": "file", 262 "ID": "/etc", 263 "Fields": { 264 "path": { 265 "type": "\u0007", 266 "value": "/etc" 267 }, 268 "permissions": { 269 "type": "\u001bfile.permissions", 270 "value": { 271 "Name": "file.permissions", 272 "ID": "drwxr-xr-x" 273 } 274 }, 275 "size": { 276 "type": "\u0005", 277 "value": 12288 278 } 279 } 280 }, 281 { 282 "Resource": "file", 283 "ID": "/etc/UPower", 284 "Fields": { 285 "path": { 286 "type": "\u0007", 287 "value": "/etc/UPower" 288 }, 289 "permissions": { 290 "type": "\u001bfile.permissions", 291 "value": { 292 "Name": "file.permissions", 293 "ID": "drwxr-xr-x" 294 } 295 }, 296 "size": { 297 "type": "\u0005", 298 "value": 4096 299 } 300 } 301 }, 302 { 303 "Resource": "file", 304 "ID": "/etc/UPower/UPower.conf", 305 "Fields": { 306 "path": { 307 "type": "\u0007", 308 "value": "/etc/UPower/UPower.conf" 309 }, 310 "permissions": { 311 "type": "\u001bfile.permissions", 312 "value": { 313 "Name": "file.permissions", 314 "ID": "-rw-r--r--" 315 } 316 }, 317 "size": { 318 "type": "\u0005", 319 "value": 2847 320 } 321 } 322 }, 323 { 324 "Resource": "file", 325 "ID": "/etc/X11", 326 "Fields": { 327 "path": { 328 "type": "\u0007", 329 "value": "/etc/X11" 330 }, 331 "permissions": { 332 "type": "\u001bfile.permissions", 333 "value": { 334 "Name": "file.permissions", 335 "ID": "drwxr-xr-x" 336 } 337 }, 338 "size": { 339 "type": "\u0005", 340 "value": 4096 341 } 342 } 343 }, 344 { 345 "Resource": "file", 346 "ID": "/etc/X11/xinit", 347 "Fields": { 348 "path": { 349 "type": "\u0007", 350 "value": "/etc/X11/xinit" 351 }, 352 "permissions": { 353 "type": "\u001bfile.permissions", 354 "value": { 355 "Name": "file.permissions", 356 "ID": "drwxr-xr-x" 357 } 358 }, 359 "size": { 360 "type": "\u0005", 361 "value": 4096 362 } 363 } 364 }, 365 { 366 "Resource": "file", 367 "ID": "/etc/login.defs", 368 "Fields": { 369 "content": { 370 "type": "\u0007", 371 "value": "FAIL_DELAY\t\t3\nLOG_UNKFAIL_ENAB\tno\nLOG_OK_LOGINS\t\tno\nSYSLOG_SU_ENAB\t\tyes\nSYSLOG_SG_ENAB\t\tyes\nCONSOLE\t\t/etc/securetty\nSU_NAME\t\tsu\nMAIL_DIR\t/var/spool/mail\nHUSHLOGIN_FILE\t.hushlogin\nENV_SUPATH\tPATH=/usr/local/sbin:/usr/local/bin:/usr/bin\nENV_PATH\tPATH=/usr/local/sbin:/usr/local/bin:/usr/bin\nTTYGROUP\ttty\nTTYPERM\t\t0600\nERASECHAR\t0177\nKILLCHAR\t025\nUMASK\t\t077\nPASS_MAX_DAYS\t99999\nPASS_MIN_DAYS\t0\nPASS_WARN_AGE\t7\nUID_MIN\t\t\t 1000\nUID_MAX\t\t\t60000\nSYS_UID_MIN\t\t 500\nSYS_UID_MAX\t\t 999\nGID_MIN\t\t\t 1000\nGID_MAX\t\t\t60000\nSYS_GID_MIN\t\t 500\nSYS_GID_MAX\t\t 999\nLOGIN_RETRIES\t\t5\nLOGIN_TIMEOUT\t\t60\nCHFN_RESTRICT\t\trwh\nDEFAULT_HOME\tyes\nUSERGROUPS_ENAB yes\nMOTD_FILE\nENCRYPT_METHOD\tSHA512\n" 372 }, 373 "path": { 374 "type": "\u0007", 375 "value": "/etc/login.defs" 376 }, 377 "permissions": { 378 "type": "\u001bfile.permissions", 379 "value": { 380 "Name": "file.permissions", 381 "ID": "-rw-r--r--" 382 } 383 }, 384 "size": { 385 "type": "\u0005", 386 "value": 670 387 } 388 } 389 }, 390 { 391 "Resource": "file", 392 "ID": "/etc/ntp.conf", 393 "Fields": { 394 "content": { 395 "type": "\u0007", 396 "value": "# --- GENERAL CONFIGURATION ---\nrestrict default ignore\nrestrict 66.187.224.4 mask 255.255.255.255 nomodify notrap noquery\nrestrict 18.26.4.105 mask 255.255.255.255 nomodify notrap noquery\nrestrict 128.249.1.10 mask 255.255.255.255 nomodify notrap noquery\n# Server config\nserver 127.127.1.0 # local clock\nfudge 127.127.1.0 stratum 10\nserver 66.187.224.4\nserver 18.26.4.105\nserver 128.249.1.10\n" 397 }, 398 "path": { 399 "type": "\u0007", 400 "value": "/etc/ntp.conf" 401 }, 402 "permissions": { 403 "type": "\u001bfile.permissions", 404 "value": { 405 "Name": "file.permissions", 406 "ID": "-rw-r--r--" 407 } 408 }, 409 "size": { 410 "type": "\u0005", 411 "value": 393 412 } 413 } 414 }, 415 { 416 "Resource": "file", 417 "ID": "/etc/passwd", 418 "Fields": { 419 "content": { 420 "type": "\u0007", 421 "value": "root:x:0:0::/root:/bin/bash\nbin:x:1:1::/:/usr/bin/nologin\ndaemon:x:2:2::/:/usr/bin/nologin\nmail:x:8:12::/var/spool/mail:/usr/bin/nologin\n" 422 }, 423 "exists": { 424 "type": "\u0004", 425 "value": true 426 }, 427 "permissions": { 428 "type": "\u001bfile.permissions", 429 "value": { 430 "Name": "file.permissions", 431 "ID": "-rw-r--r--" 432 } 433 }, 434 "size": { 435 "type": "\u0005", 436 "value": 137 437 } 438 } 439 }, 440 { 441 "Resource": "file", 442 "ID": "/etc/shadow", 443 "Fields": { 444 "content": { 445 "type": "\u0007", 446 "value": "root:!:14871::::::\nchris:*:18421:0:99999:7:::\nbin:!!:18360::::::" 447 }, 448 "path": { 449 "type": "\u0007", 450 "value": "/etc/shadow" 451 }, 452 "permissions": { 453 "type": "\u001bfile.permissions", 454 "value": { 455 "Name": "file.permissions", 456 "ID": "-rw-r--r--" 457 } 458 }, 459 "size": { 460 "type": "\u0005", 461 "value": 23 462 } 463 } 464 }, 465 { 466 "Resource": "file", 467 "ID": "/etc/ssh/sshd_config", 468 "Fields": { 469 "content": { 470 "type": "\u0007", 471 "value": "# #\n# Ansible managed\n#\n\n# This is the ssh client system-wide configuration file.\n# See sshd_config(5) for more information on any settings used. Comments will be added only to clarify why a configuration was chosen.\n\n\n# Basic configuration\n# ===================\n\n# Either disable or only allow root login via certificates.\nPermitRootLogin no\n\n# Define which port sshd should listen to. Default to `22`.\nPort 22\n\n# Address family should always be limited to the active network configuration.\nAddressFamily inet\n\n# Define which addresses sshd should listen to. Default to `0.0.0.0`, ie make sure you put your desired address in here, since otherwise sshd will listen to everyone.\nListenAddress 0.0.0.0\n\n# List HostKeys here.\nHostKey /etc/ssh/ssh_host_rsa_key\nHostKey /etc/ssh/ssh_host_ecdsa_key\nHostKey /etc/ssh/ssh_host_ed25519_key\n\n# Specifies the host key algorithms that the server offers.\n#\n# HostKeyAlgorithms\n#\n\n# Security configuration\n# ======================\n\n# Set the protocol version to 2 for security reasons. Disables legacy support.\nProtocol 2\n\n# Make sure sshd checks file modes and ownership before accepting logins. This prevents accidental misconfiguration.\nStrictModes yes\n\n# Logging, obsoletes QuietMode and FascistLogging\nSyslogFacility AUTH\nLogLevel VERBOSE\n\n# Cryptography\n# ------------\n\n# **Ciphers** -- If your clients don't support CTR (eg older versions), cbc will be added\n# CBC: is true if you want to connect with OpenSSL-base libraries\n# eg ruby Net::SSH::Transport::CipherFactory requires cbc-versions of the given openssh ciphers to work\n# -- see: (http://net-ssh.github.com/net-ssh/classes/Net/SSH/Transport/CipherFactory.html)\n#\n\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n# **Hash algorithms** -- Make sure not to use SHA1 for hashing, unless it is really necessary.\n# Weak HMAC is sometimes required if older package versions are used\n# eg Ruby's Net::SSH at around 2.2.* doesn't support sha2 for hmac, so this will have to be set true in this case.\n#\n\nMACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256\n\n# Alternative setting, if OpenSSH version is below v5.9\n#MACs hmac-ripemd160\n\n# **Key Exchange Algorithms** -- Make sure not to use SHA1 for kex, unless it is really necessary\n# Weak kex is sometimes required if older package versions are used\n# eg ruby's Net::SSH at around 2.2.* doesn't support sha2 for kex, so this will have to be set true in this case.\n# based on: https://bettercrypto.org/static/applied-crypto-hardening.pdf\n\nKexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256\n\n# Authentication\n# --------------\n\n# Secure Login directives.\n\nLoginGraceTime 30s\nMaxAuthTries 2\nMaxSessions 10\nMaxStartups 10:30:60\n\n# Enable public key authentication\nPubkeyAuthentication yes\n\n# Never use host-based authentication. It can be exploited.\nIgnoreRhosts yes\nIgnoreUserKnownHosts yes\nHostbasedAuthentication no\n\n# Enable PAM to enforce system wide rules\nUsePAM yes\n\n# Set AuthenticationMethods per default to publickey\n# AuthenticationMethods was introduced in OpenSSH 6.2 - https://www.openssh.com/txt/release-6.2\nAuthenticationMethods publickey\n\n# Disable password-based authentication, it can allow for potentially easier brute-force attacks.\nPasswordAuthentication no\nPermitEmptyPasswords no\nChallengeResponseAuthentication no\n\n# Only enable Kerberos authentication if it is configured.\nKerberosAuthentication no\nKerberosOrLocalPasswd no\nKerberosTicketCleanup yes\n#KerberosGetAFSToken no\n\n# Only enable GSSAPI authentication if it is configured.\nGSSAPIAuthentication no\nGSSAPICleanupCredentials yes\n\n# In case you don't use PAM (`UsePAM no`), you can alternatively restrict users and groups here. For key-based authentication this is not necessary, since all keys must be explicitely enabled.\n\n\n\n\n\n\n# Network\n# -------\n\n# Disable TCP keep alive since it is spoofable. Use ClientAlive messages instead, they use the encrypted channel\nTCPKeepAlive no\n\n# Manage `ClientAlive..` signals via interval and maximum count. This will periodically check up to a `..CountMax` number of times within `..Interval` timeframe, and abort the connection once these fail.\nClientAliveInterval 300\nClientAliveCountMax 3\n\n# Disable tunneling\nPermitTunnel no\n\n# Disable forwarding tcp connections.\n# no real advantage without denied shell access\nAllowTcpForwarding no\n\n# Disable agent forwarding, since local agent could be accessed through forwarded connection.\n# no real advantage without denied shell access\nAllowAgentForwarding no\n\n# Do not allow remote port forwardings to bind to non-loopback addresses.\nGatewayPorts no\n\n# Disable X11 forwarding, since local X11 display could be accessed through forwarded connection.\nX11Forwarding no\nX11UseLocalhost yes\n\n# User environment configuration\n# ==============================\n\nPermitUserEnvironment no\n\n\n# Misc. configuration\n# ===================\n\nCompression no\n\nUseDNS no\n\nPrintMotd no\n\nPrintLastLog no\n\nBanner none\n\n\n# Reject keys that are explicitly blacklisted\nRevokedKeys /etc/ssh/revoked_keys\n\n" 472 }, 473 "exists": { 474 "type": "\u0004", 475 "value": true 476 }, 477 "path": { 478 "type": "\u0007", 479 "value": "/etc/ssh/sshd_config" 480 }, 481 "permissions": { 482 "type": "\u001bfile.permissions", 483 "value": { 484 "Name": "file.permissions", 485 "ID": "-rw-r--r--" 486 } 487 }, 488 "size": { 489 "type": "\u0005", 490 "value": 5149 491 } 492 } 493 }, 494 { 495 "Resource": "file", 496 "ID": "/etc/ssl/cert.pem", 497 "Fields": { 498 "content": { 499 "type": "\u0007", 500 "value": "# Amazon Root CA 1\n-----BEGIN CERTIFICATE-----\nMIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF\nADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\nb24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL\nMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv\nb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj\nca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM\n9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw\nIFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6\nVOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L\n93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm\njgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA\nA4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI\nU5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs\nN+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv\no/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU\n5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy\nrqXRfboQnoZsG4q5WTP468SQvvG5\n-----END CERTIFICATE-----\n" 501 }, 502 "path": { 503 "type": "\u0007", 504 "value": "/dummy.plist" 505 }, 506 "permissions": { 507 "type": "\u001bfile.permissions", 508 "value": { 509 "Name": "file.permissions", 510 "ID": "-rw-r--r--" 511 } 512 } 513 } 514 }, 515 { 516 "Resource": "file", 517 "ID": "/expires.asc", 518 "Fields": { 519 "content": { 520 "type": "\u0007", 521 "value": "-----BEGIN PGP PUBLIC KEY BLOCK-----\n\nmQINBGPC11oBEAC6FUrqcr5tfFNXQb3+Mkdv9aRY/F+jSRzKRQZ0RwZsQuay0qhZ\nh24YuNnv07e9AL36PCVnb86HcGHR3Td/TQEIEQYsd2J5rIKtte67dN8dHsfuA29M\n0a0tTzYty2f6dEuzEATbcIU5ZOI3OkMK41FJHzF5WDEt2lMuUAzmkePVTdEkQqGU\nxTBHMFupIe6rw2ks6okc6QZ9tvVOhctW/jeXAu0Qhg3Dj7CxX4YRy9vpaWG2FIWu\n9LNS83EymODPzZpz/gOBKi8jCtmgPvSncxP+KdRHRQA50d98UeUdKwekEtNqgNRr\n032qdfnDeIu9yXlMFztvUsO6MKzwUNeXJWek9u+36SAkIQ2fD+I1ht/4O8iFKuxZ\nayK6LLu9Iqoi0NSAq2PGxPx8/aHf12pgta/0O3jekneTPcNhYfMEkVI9cXftRP5F\nNmxj5w7fZXg4AdDkiIvLaM2OFzt0aEAJgPbXo361TfLcHcDgVj74fx3HprThCmu7\n8Cc3YtTNzY39X91/ZlklYzmXN42imu9U17TxMcNI3wXfe4zwFqAn+NSCEZWQrrze\nzGqjGpj+BKfU7YaF8w8bY3mvRw5CLpaTST1kY2Ev/6k/f8S/GrxgvxSMEMJqGka4\nh438T+og9lleoe69G5QajBxVNE1DgRhdNvR8XD8XgAPScTjRj27r7d8gUQARAQAB\ntCNUZXN0IEV4cGlyYXRpb24gPHRlc3QyQGV4YW1wbGUuY29tPokCVAQTAQgAPhYh\nBAekU/iuokjh6bjq4nMS+jVufbE/BQJjwtdaAhsDBQkB3+HgBQsJCAcCBhUKCQgL\nAgQWAgMBAh4BAheAAAoJEHMS+jVufbE/GBsP/1ZMEb4cZMyk6NllYVPvgxZibz9Z\nyqWX7+TNmVijQDF3Z/ZU4aSaVMU6D4zXApu75CF8A0lbYDQRXn6nPXWgXNLapeUc\nMH5qi3EnbTm4Rr1DqNaGBTx4Ysu1zzfGxlcL/L2Bb7f5UbKMxHHcZ1GtlKPA5jVp\nD4phh0GyXEmFwAN1w2Ak5plgzItaIJ/mvzJlPR5erR/piw/Yq716VD1BGCYRJpyi\nO9gz4hTksmG8cHppwuvaFKb3bf40cjHijxQ/JAgc2ym9s9n747e05lCwocLWPsNR\nacJSCJSwMwen+krFqkvJu9cTuQBWti4exVO4QU+PJkAhqJEvXtg6iN8utvKPs3Ux\nB+msQ7UDjooEHmYGuoPOzbypQl0bEHPO3Ywoyi9TjZsl6GIhIzCYsG0SQ7Fak1po\nYIETuy/Di4sZlzRdgOHkZLVnhWM0OQ+XWFymlO2tRG3FAYnKKVjd4Yyr3GDAygul\nj9VvVB386D2U+qTga/6FQ+3qsvYZYu/9InCy2QfHkfZlpFSveLnzBQ86CQJuJ6EO\niSgCy3fxwRzbvfjrtIL9NnW2kg71fKT0PMHLFd7sEKdU7v8xm0+IkH2qqmpgVzQp\nrox3/DqhU28vy9RHSNqJirQXcLaniQR7Rnuchze+nHv93qVWWXzGqO1cKQ4agtLH\nMnWZT6UXVS3HHs0auQINBGPC11oBEADNZxSyJjD7l+VfPSxBmeKD6mB7DyqHbAXy\nQQs69VXH4xMI2hE5n8gFd1uc0M240J1I2drLvvt5pXH+Dr4l4nC9rXa6UtCh7wQ1\ncx/vxxqb4CMGT38Nix7UkO2bdfptnbpV+86JDf2pjRnjbUr/+ROpWhM1SGiNQDfn\n+vZaevhS7bUhMWb24trig/YcFnB/WWIJsRJhORS1Vxq1Gp/me3slIuNa1lcHH2O5\njxw5WIlWaHJRMysgj5cB/LTfHYWFjFxus7hC14VQaAfvG10PS3oiqYDF8UWCDD4f\np+vQxmxMBSug0Cau0uFFusTgZqDNRaGSVP9wlYQr7jdwRbVpsSO/+cvlmmFVielc\nL4yqpHn66lWaOS9ZuLUx9w4X4XSrV8YvdSpU1TgfJxGgLWX7bHiaupJJIrc3sMYD\nCjgyS8HUh4iIHTUd6ZCPEYhrnPquyriBzxvs+Axayte8ZPOIFbbm0cAUQAbeQjXO\npaN1utoP5RfmkgJ8Jt+aPUIr8tK7jSE1nwWepmenPPa7PoWXs0qW05kDWDjVR4QU\nPhdPr/owhtz04st4MXjq9Rl3uvp3zLooFn9tNo5fTgHSPYy71xpbDl55EkK+jqkt\n+VuxYWKSZp/xXQj2gKUf7eW9FRFuRT/I+AiPk9o5/b+gLr2xfBEgISoGdmWFMxZY\nW2rGiEMZkwARAQABiQI8BBgBCAAmFiEEB6RT+K6iSOHpuOricxL6NW59sT8FAmPC\n11oCGwwFCQHf4eAACgkQcxL6NW59sT/erg//ca5wQT4Dyk0lXyZ3HxH+Urx7wE0o\nmd5ZY+fwr0GlPNJYho+fUJTz4urVE4aw0yjrrhbJLDDG1sg7ZV7cIJt1sF1/8AGG\n+mGBUn1RE0u7LF5K8LaUg7viyp3IgwEV7JdjKK9qyHxR476ARPXYcWAc+a9TIhsC\nn3fxq22qM7abZwRf7dd1S/lxBZCfewdE+ZX3yFfGOOA6ZXGnBIc1aKAsAI5+Cypt\nqHWsbEaMIo7JHFESDMSUwYOTqlSUbWag1elUpAtK6xPQ33Yc+FdkJnNcSBeA7ian\n1SabPg+zWVjaB9SeOmo3PKkssS81StByLcaUiRht1LSdLo7MoSxRlRHjTfCSCrk/\nhmKDXDGu35OW597ZLPfN9kyS4j9GWBt2OMAEsd8tBscQCowNDrtTeYxonxp8RMo5\npQ2izYcayQmE0p/9voLSUu0wooyIs0DTuvzBPUwOlDSfHADRSWfVUE7mLjowOv/C\nG6qdvKYp9DbKd71yE45sCkdqSmWGw4dQGwXAvY20cgJlaZL+RU+YfgmfYoTBnqCr\nOOYteJ7bQ5o+hBF2as8HYKviRmnuXY0wH3jj5c070KqD3ubf9gfCoThETa1Cbqlk\nDRSVgV/uog3Rgbxfv5oh4gq67q3zjEEZIbCJtzyEQ0xvad5cur2Lz4acbTj9FoM3\nxh6s/uUjdqWcuew=\n=E8MR\n-----END PGP PUBLIC KEY BLOCK-----\n" 522 }, 523 "path": { 524 "type": "\u0007", 525 "value": "expires.asc" 526 }, 527 "permissions": { 528 "type": "\u001bfile.permissions", 529 "value": { 530 "Name": "file.permissions", 531 "ID": "-rw-r--r--" 532 } 533 }, 534 "size": { 535 "type": "\u0005", 536 "value": 3151 537 } 538 } 539 }, 540 { 541 "Resource": "file", 542 "ID": "/home/chris/.ssh/authorized_keys", 543 "Fields": { 544 "content": { 545 "type": "\u0007", 546 "value": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDYuKamN4JXNYmolm+A9hM+xYanupG1VgbM/k0NwPiIPUdiU82IPbP7bunsngnOatSDyCrKrhL9FV3wuHFFBX0QE9KpS8bcIcT3ySsi3wgYV95P7anb7YhliDDx2w/QB97kCnAKjGFS1yphS6px0i9B29tGVJa22ODs/hebIKUCYKC9/+fnZ+bIqte1HctDP2lDBzMa/7j8BUXSwnTDXtAuEz5eSMIpv1ZdUdaSuO8xFbB0xrBHQJKuqboLPo3NSOCg6uhopO6GucZuNLJnqVLkyEPTKH0nv/8smz/q3v1GOGz8ZS0DIpkretKZmRB1VDhNqsAiOAWUTmg56xO7VZnlEvQRtyG8qyQHjlj6SDGtvxPDY58lz5nhIV9K6L7gHrOIcbSif5ZCt0e4DrKGaYXgH+mwIh2TMC2OCU6Xr6FRVQ9fBhilqMXuFIIezShN0hZb6mUCLkLVOzBBRKuz17S2a8twsuxix7ixqJPsIF3sI88tbxrFkSGSM02dhrmyZbkMr586rktVBB4T+8A28HJr4l9jkU0uk3l3le5bMcXhEuDkJUBnwEXEXfZa8Lw4sg2VuFgw0Ah0kw0/mAorpsFahXstNgrHhy3HoPKDCw/a/sXL4+fE72I1L96Lb7HOxTrdhEGnd65W4mPlTnbGW9YDQqTfZgRlpuffqQuWWYXolw== chris@lollyrock.com\n" 547 }, 548 "exists": { 549 "type": "\u0004", 550 "value": true 551 }, 552 "permissions": { 553 "type": "\u001bfile.permissions", 554 "value": { 555 "Name": "file.permissions", 556 "ID": "-rw-r--r--" 557 } 558 }, 559 "size": { 560 "type": "\u0005", 561 "value": 745 562 } 563 } 564 }, 565 { 566 "Resource": "file", 567 "ID": "/etc/ssl/cert.pem", 568 "Fields": { 569 "content": { 570 "type": "\u0007", 571 "value": "# Amazon Root CA 1\n-----BEGIN CERTIFICATE-----\nMIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF\nADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\nb24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL\nMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv\nb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj\nca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM\n9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw\nIFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6\nVOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L\n93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm\njgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC\nAYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA\nA4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI\nU5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs\nN+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv\no/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU\n5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy\nrqXRfboQnoZsG4q5WTP468SQvvG5\n-----END CERTIFICATE-----\n" 572 }, 573 "exists": { 574 "type": "\u0004", 575 "value": true 576 }, 577 "path": { 578 "type": "\u0007", 579 "value": "/etc/ssl/cert.pem" 580 }, 581 "permissions": { 582 "type": "\u001bfile.permissions", 583 "value": { 584 "Name": "file.permissions", 585 "ID": "-rw-r--r--" 586 } 587 }, 588 "size": { 589 "type": "\u0005", 590 "value": 1207 591 } 592 } 593 }, 594 { 595 "Resource": "file.permissions", 596 "ID": "-rw-r--r--", 597 "Fields": { 598 "isDirectory": { 599 "type": "\u0004", 600 "value": false 601 }, 602 "isFile": { 603 "type": "\u0004", 604 "value": true 605 }, 606 "mode": { 607 "type": "\u0005", 608 "value": 420 609 }, 610 "string": { 611 "type": "\u0007", 612 "value": "-rw-r--r--" 613 } 614 615 } 616 }, 617 { 618 "Resource": "file.permissions", 619 "ID": "drwxr-xr-x", 620 "Fields": { 621 "isDirectory": { 622 "type": "\u0004", 623 "value": true 624 }, 625 "isFile": { 626 "type": "\u0004", 627 "value": false 628 }, 629 "string": { 630 "type": "\u0007", 631 "value": "drwxr-xr-x" 632 } 633 } 634 }, 635 { 636 "Resource": "files.find", 637 "ID": "/etc -xdev", 638 "Fields": { 639 "list": { 640 "type": "\u0019\u001bfile", 641 "value": [ 642 { 643 "Name": "file", 644 "ID": "/etc" 645 }, 646 { 647 "Name": "file", 648 "ID": "/etc/UPower" 649 }, 650 { 651 "Name": "file", 652 "ID": "/etc/UPower/UPower.conf" 653 }, 654 { 655 "Name": "file", 656 "ID": "/etc/X11" 657 }, 658 { 659 "Name": "file", 660 "ID": "/etc/X11/xinit" 661 } 662 ] 663 } 664 } 665 }, 666 { 667 "Resource": "group", 668 "ID": "group/0/root", 669 "Fields": { 670 "gid": { 671 "type": "\u0005", 672 "value": 0 673 }, 674 "name": { 675 "type": "\u0007", 676 "value": "root" 677 } 678 } 679 }, 680 { 681 "Resource": "group", 682 "ID": "group/1/bin", 683 "Fields": { 684 "gid": { 685 "type": "\u0005", 686 "value": 1 687 }, 688 "name": { 689 "type": "\u0007", 690 "value": "bin" 691 } 692 } 693 }, 694 { 695 "Resource": "group", 696 "ID": "group/1000/chris", 697 "Fields": { 698 "gid": { 699 "type": "\u0005", 700 "value": 1000 701 }, 702 "name": { 703 "type": "\u0007", 704 "value": "chris" 705 } 706 } 707 }, 708 { 709 "Resource": "group", 710 "ID": "group/998/wheel", 711 "Fields": { 712 "gid": { 713 "type": "\u0005", 714 "value": 998 715 }, 716 "name": { 717 "type": "\u0007", 718 "value": "wheel" 719 } 720 } 721 }, 722 { 723 "Resource": "groups", 724 "ID": "", 725 "Fields": { 726 "list": { 727 "type": "\u0019\u001bgroup", 728 "value": [ 729 { 730 "Name": "group", 731 "ID": "group/0/root" 732 }, 733 { 734 "Name": "group", 735 "ID": "group/1/bin" 736 }, 737 { 738 "Name": "group", 739 "ID": "group/1000/chris" 740 } 741 ] 742 } 743 } 744 }, 745 { 746 "Resource": "kernel", 747 "ID": "", 748 "Fields": { 749 "modules": { 750 "type": "\u0019\u001bkernel.module", 751 "value": [ 752 { 753 "Name": "kernel.module", 754 "ID": "xfrm_user" 755 } 756 ] 757 }, 758 "parameters": { 759 "type": "\u001a\u0007\u0007", 760 "value": { 761 "net.ipv4.ip_forward": "1" 762 } 763 } 764 } 765 }, 766 { 767 "Resource": "kernel.module", 768 "ID": "xfrm_user", 769 "Fields": { 770 "loaded": { 771 "type": "\u0004", 772 "value": true 773 }, 774 "name": { 775 "type": "\u0007", 776 "value": "xfrm_user" 777 }, 778 "size": { 779 "type": "\u0007", 780 "value": "36864" 781 } 782 } 783 }, 784 { 785 "Resource": "mount", 786 "ID": "mount", 787 "Fields": { 788 "list": { 789 "type": "\u0019\u001bmount.point", 790 "value": [ 791 { 792 "Name": "mount.point", 793 "ID": "/proc" 794 }, 795 { 796 "Name": "mount.point", 797 "ID": "/" 798 }, 799 { 800 "Name": "mount.point", 801 "ID": "/dev" 802 } 803 ] 804 } 805 } 806 }, 807 { 808 "Resource": "mount.point", 809 "ID": "/", 810 "Fields": { 811 "device": { 812 "type": "\u0007", 813 "value": "/dev/sda1" 814 }, 815 "fstype": { 816 "type": "\u0007", 817 "value": "ext4" 818 }, 819 "mounted": { 820 "type": "\u0004", 821 "value": true 822 }, 823 "path": { 824 "type": "\u0007", 825 "value": "/" 826 } 827 } 828 }, 829 { 830 "Resource": "mount.point", 831 "ID": "/dev", 832 "Fields": { 833 "device": { 834 "type": "\u0007", 835 "value": "dev" 836 }, 837 "fstype": { 838 "type": "\u0007", 839 "value": "devtmpfs" 840 }, 841 "mounted": { 842 "type": "\u0004", 843 "value": true 844 }, 845 "path": { 846 "type": "\u0007", 847 "value": "/dev" 848 } 849 } 850 }, 851 { 852 "Resource": "mount.point", 853 "ID": "/proc", 854 "Fields": { 855 "device": { 856 "type": "\u0007", 857 "value": "proc" 858 }, 859 "fstype": { 860 "type": "\u0007", 861 "value": "proc" 862 }, 863 "mounted": { 864 "type": "\u0004", 865 "value": true 866 }, 867 "path": { 868 "type": "\u0007", 869 "value": "/proc" 870 } 871 } 872 }, 873 { 874 "Resource": "package", 875 "ID": "package/acl", 876 "Fields": { 877 "installed": { 878 "type": "\u0004", 879 "value": true 880 }, 881 "name": { 882 "type": "\u0007", 883 "value": "acl" 884 }, 885 "version": { 886 "type": "\u0007", 887 "value": "1.2.3" 888 } 889 } 890 }, 891 { 892 "Resource": "package", 893 "ID": "package/unknown", 894 "Fields": { 895 "installed": { 896 "type": "\u0004", 897 "value": null 898 } 899 } 900 }, 901 { 902 "Resource": "packages", 903 "ID": "", 904 "Fields": { 905 "list": { 906 "type": "\u0019\u001bpackage", 907 "value": [ 908 { 909 "Name": "package", 910 "ID": "package/acl" 911 } 912 ] 913 } 914 } 915 }, 916 { 917 "Resource": "process", 918 "ID": "1", 919 "Fields": { 920 "command": { 921 "type": "\u0007", 922 "value": "/sbin/init" 923 }, 924 "executable": { 925 "type": "\u0007", 926 "value": "systemd" 927 }, 928 "pid": { 929 "type": "\u0005", 930 "value": 1 931 }, 932 "state": { 933 "type": "\u0007", 934 "value": "S (sleeping)" 935 } 936 } 937 }, 938 { 939 "Resource": "processes", 940 "ID": "", 941 "Fields": { 942 "list": { 943 "type": "\u0019\u001bprocess", 944 "value": [ 945 { 946 "Name": "process", 947 "ID": "1" 948 } 949 ] 950 } 951 } 952 }, 953 { 954 "Resource": "service", 955 "ID": "acpid", 956 "Fields": { 957 "enabled": { 958 "type": "\u0004", 959 "value": false 960 }, 961 "name": { 962 "type": "\u0007", 963 "value": "acpid" 964 }, 965 "running": { 966 "type": "\u0004", 967 "value": false 968 }, 969 "type": { 970 "type": "\u0007", 971 "value": "systemd" 972 } 973 } 974 }, 975 { 976 "Resource": "service", 977 "ID": "dbus", 978 "Fields": { 979 "enabled": { 980 "type": "\u0004", 981 "value": true 982 }, 983 "name": { 984 "type": "\u0007", 985 "value": "dbus" 986 }, 987 "running": { 988 "type": "\u0004", 989 "value": true 990 }, 991 "type": { 992 "type": "\u0007", 993 "value": "systemd" 994 } 995 } 996 }, 997 { 998 "Resource": "services", 999 "ID": "", 1000 "Fields": { 1001 "list": { 1002 "type": "\u0019\u001bservice", 1003 "value": [ 1004 { 1005 "Name": "service", 1006 "ID": "acpid" 1007 }, 1008 { 1009 "Name": "service", 1010 "ID": "containerd" 1011 }, 1012 { 1013 "Name": "service", 1014 "ID": "dbus" 1015 } 1016 ] 1017 } 1018 } 1019 }, 1020 { 1021 "Resource": "sshd.config", 1022 "ID": "/etc/ssh/sshd_config", 1023 "Fields": { 1024 "content": { 1025 "type": "\u0007", 1026 "value": "# #\n# Ansible managed\n#\n\n# This is the ssh client system-wide configuration file.\n# See sshd_config(5) for more information on any settings used. Comments will be added only to clarify why a configuration was chosen.\n\n\n# Basic configuration\n# ===================\n\n# Either disable or only allow root login via certificates.\nPermitRootLogin no\n\n# Define which port sshd should listen to. Default to `22`.\nPort 22\n\n# Address family should always be limited to the active network configuration.\nAddressFamily inet\n\n# Define which addresses sshd should listen to. Default to `0.0.0.0`, ie make sure you put your desired address in here, since otherwise sshd will listen to everyone.\nListenAddress 0.0.0.0\n\n# List HostKeys here.\nHostKey /etc/ssh/ssh_host_rsa_key\nHostKey /etc/ssh/ssh_host_ecdsa_key\nHostKey /etc/ssh/ssh_host_ed25519_key\n\n# Specifies the host key algorithms that the server offers.\n#\n# HostKeyAlgorithms\n#\n\n# Security configuration\n# ======================\n\n# Set the protocol version to 2 for security reasons. Disables legacy support.\nProtocol 2\n\n# Make sure sshd checks file modes and ownership before accepting logins. This prevents accidental misconfiguration.\nStrictModes yes\n\n# Logging, obsoletes QuietMode and FascistLogging\nSyslogFacility AUTH\nLogLevel VERBOSE\n\n# Cryptography\n# ------------\n\n# **Ciphers** -- If your clients don't support CTR (eg older versions), cbc will be added\n# CBC: is true if you want to connect with OpenSSL-base libraries\n# eg ruby Net::SSH::Transport::CipherFactory requires cbc-versions of the given openssh ciphers to work\n# -- see: (http://net-ssh.github.com/net-ssh/classes/Net/SSH/Transport/CipherFactory.html)\n#\n\nCiphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n# **Hash algorithms** -- Make sure not to use SHA1 for hashing, unless it is really necessary.\n# Weak HMAC is sometimes required if older package versions are used\n# eg Ruby's Net::SSH at around 2.2.* doesn't support sha2 for hmac, so this will have to be set true in this case.\n#\n\nMACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256\n\n# Alternative setting, if OpenSSH version is below v5.9\n#MACs hmac-ripemd160\n\n# **Key Exchange Algorithms** -- Make sure not to use SHA1 for kex, unless it is really necessary\n# Weak kex is sometimes required if older package versions are used\n# eg ruby's Net::SSH at around 2.2.* doesn't support sha2 for kex, so this will have to be set true in this case.\n# based on: https://bettercrypto.org/static/applied-crypto-hardening.pdf\n\nKexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256\n\n# Authentication\n# --------------\n\n# Secure Login directives.\n\nLoginGraceTime 30s\nMaxAuthTries 2\nMaxSessions 10\nMaxStartups 10:30:60\n\n# Enable public key authentication\nPubkeyAuthentication yes\n\n# Never use host-based authentication. It can be exploited.\nIgnoreRhosts yes\nIgnoreUserKnownHosts yes\nHostbasedAuthentication no\n\n# Enable PAM to enforce system wide rules\nUsePAM yes\n\n# Set AuthenticationMethods per default to publickey\n# AuthenticationMethods was introduced in OpenSSH 6.2 - https://www.openssh.com/txt/release-6.2\nAuthenticationMethods publickey\n\n# Disable password-based authentication, it can allow for potentially easier brute-force attacks.\nPasswordAuthentication no\nPermitEmptyPasswords no\nChallengeResponseAuthentication no\n\n# Only enable Kerberos authentication if it is configured.\nKerberosAuthentication no\nKerberosOrLocalPasswd no\nKerberosTicketCleanup yes\n#KerberosGetAFSToken no\n\n# Only enable GSSAPI authentication if it is configured.\nGSSAPIAuthentication no\nGSSAPICleanupCredentials yes\n\n# In case you don't use PAM (`UsePAM no`), you can alternatively restrict users and groups here. For key-based authentication this is not necessary, since all keys must be explicitely enabled.\n\n\n\n\n\n\n# Network\n# -------\n\n# Disable TCP keep alive since it is spoofable. Use ClientAlive messages instead, they use the encrypted channel\nTCPKeepAlive no\n\n# Manage `ClientAlive..` signals via interval and maximum count. This will periodically check up to a `..CountMax` number of times within `..Interval` timeframe, and abort the connection once these fail.\nClientAliveInterval 300\nClientAliveCountMax 3\n\n# Disable tunneling\nPermitTunnel no\n\n# Disable forwarding tcp connections.\n# no real advantage without denied shell access\nAllowTcpForwarding no\n\n# Disable agent forwarding, since local agent could be accessed through forwarded connection.\n# no real advantage without denied shell access\nAllowAgentForwarding no\n\n# Do not allow remote port forwardings to bind to non-loopback addresses.\nGatewayPorts no\n\n# Disable X11 forwarding, since local X11 display could be accessed through forwarded connection.\nX11Forwarding no\nX11UseLocalhost yes\n\n# User environment configuration\n# ==============================\n\nPermitUserEnvironment no\n\n\n# Misc. configuration\n# ===================\n\nCompression no\n\nUseDNS no\n\nPrintMotd no\n\nPrintLastLog no\n\nBanner none\n\n\n# Reject keys that are explicitly blacklisted\nRevokedKeys /etc/ssh/revoked_keys\n\n" 1027 }, 1028 "files": { 1029 "type": "\u0019\u001bfile", 1030 "value": [ 1031 { 1032 "Name": "file", 1033 "ID": "/etc/ssh/sshd_config" 1034 } 1035 ] 1036 } 1037 } 1038 }, 1039 { 1040 "Resource": "user", 1041 "ID": "user/0/root", 1042 "Fields": { 1043 "enabled": { 1044 "type": "\u0004", 1045 "value": false 1046 }, 1047 "gid": { 1048 "type": "\u0005", 1049 "value": 0 1050 }, 1051 "group": { 1052 "type": "\u001bgroup", 1053 "value": { 1054 "Name": "group", 1055 "ID": "group/0/root" 1056 } 1057 }, 1058 "home": { 1059 "type": "\u0007", 1060 "value": "/root" 1061 }, 1062 "name": { 1063 "type": "\u0007", 1064 "value": "root" 1065 }, 1066 "uid": { 1067 "type": "\u0005", 1068 "value": 0 1069 } 1070 } 1071 }, 1072 { 1073 "Resource": "user", 1074 "ID": "user/1/bin", 1075 "Fields": { 1076 "enabled": { 1077 "type": "\u0004", 1078 "value": false 1079 }, 1080 "gid": { 1081 "type": "\u0005", 1082 "value": 1 1083 }, 1084 "group": { 1085 "type": "\u001bgroup", 1086 "value": { 1087 "Name": "group", 1088 "ID": "group/1/bin" 1089 } 1090 }, 1091 "name": { 1092 "type": "\u0007", 1093 "value": "bin" 1094 }, 1095 "uid": { 1096 "type": "\u0005", 1097 "value": 1 1098 } 1099 } 1100 }, 1101 { 1102 "Resource": "user", 1103 "ID": "user/1000/chris", 1104 "Fields": { 1105 "enabled": { 1106 "type": "\u0004", 1107 "value": false 1108 }, 1109 "gid": { 1110 "type": "\u0005", 1111 "value": 1000 1112 }, 1113 "group": { 1114 "type": "\u001bgroup", 1115 "value": { 1116 "Name": "group", 1117 "ID": "group/1000/chris" 1118 } 1119 }, 1120 "home": { 1121 "type": "\u0007", 1122 "value": "/home/chris" 1123 }, 1124 "name": { 1125 "type": "\u0007", 1126 "value": "chris" 1127 }, 1128 "uid": { 1129 "type": "\u0005", 1130 "value": 1000 1131 } 1132 } 1133 }, 1134 { 1135 "Resource": "user", 1136 "ID": "user/1001/christopher", 1137 "Fields": { 1138 "enabled": { 1139 "type": "\u0004", 1140 "value": false 1141 }, 1142 "gid": { 1143 "type": "\u0005", 1144 "value": 1000 1145 }, 1146 "group": { 1147 "type": "\u001bgroup", 1148 "value": { 1149 "Name": "group", 1150 "ID": "group/1000/chris" 1151 } 1152 }, 1153 "name": { 1154 "type": "\u0007", 1155 "value": "christopher" 1156 }, 1157 "uid": { 1158 "type": "\u0005", 1159 "value": 1001 1160 } 1161 } 1162 }, 1163 { 1164 "Resource": "users", 1165 "ID": "", 1166 "Fields": { 1167 "list": { 1168 "type": "\u0019\u001buser", 1169 "value": [ 1170 { 1171 "Name": "user", 1172 "ID": "user/0/root" 1173 }, 1174 { 1175 "Name": "user", 1176 "ID": "user/1/bin" 1177 }, 1178 { 1179 "Name": "user", 1180 "ID": "user/1000/chris" 1181 }, 1182 { 1183 "Name": "user", 1184 "ID": "user/1001/christopher" 1185 } 1186 ] 1187 } 1188 } 1189 } 1190 ] 1191 } 1192 ] 1193 }