ssh-installed.. bug ?

[ka7]

I think I found an error in the report:
referring to rule:

Rule Title: All networked systems must have SSH installed.
Rule ID: SV-86857r1_rule
Status: FAILED

assume, this is covered by

scripts/check-ssh.sh installed

when checking against the check_content:

Check Content: Check to see if sshd is installed with the following command:
dpkg -l ssh

.. which seems not bring the right result.

root@vm2 /home # dpkg -l ssh
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==========================-==================-==================-=========================================================
un ssh (no description available)

whereas

root@vm2 /home # apt-show-versions | grep ssh
libssh-gcrypt-4:amd64/stretch 0.7.3-2 uptodate
libssh2-1:amd64/stretch 1.7.0-1 uptodate
openssh-client:amd64/stretch 1:7.4p1-10+deb9u3 uptodate
openssh-server:amd64/stretch 1:7.4p1-10+deb9u3 uptodate
openssh-sftp-server:amd64/stretch 1:7.4p1-10+deb9u3 uptodate

shows that SSH is installed.

( a dpkg -l "openssh*" shows the full correct list )

the script checks just using auditd, not via dpkg itself.

Check Content: Check to see if sshd is installed with the following command:
installed)
if dpkg -s auditd | grep -i "Status:.*install.*ok.*installed";then
:
else
exit 1
fi

ideas:

• check if the dpkg -s auditd failes direct with dpkg -l openssh. ( a 2nd if in the else-case. )

[Samson-W]

Thank you very much for your report on this error.