diff --git a/anta/tests/security.py b/anta/tests/security.py index 007022dc5..71c9f12ee 100644 --- a/anta/tests/security.py +++ b/anta/tests/security.py @@ -57,7 +57,7 @@ def test(self) -> None: except StopIteration: self.result.is_failure("Could not find SSH status in returned output.") return - status = line.split("is ")[1] + status = line.split()[-1] if status == "disabled": self.result.is_success() diff --git a/tests/units/anta_tests/test_security.py b/tests/units/anta_tests/test_security.py index 549890ad5..0d4a478b0 100644 --- a/tests/units/anta_tests/test_security.py +++ b/tests/units/anta_tests/test_security.py @@ -45,12 +45,32 @@ "expected": {"result": "failure", "messages": ["Could not find SSH status in returned output."]}, }, { - "name": "failure-ssh-disabled", + "name": "failure-ssh-enabled", "test": VerifySSHStatus, "eos_data": ["SSHD status for Default VRF is enabled\nSSH connection limit is 50\nSSH per host connection limit is 20\nFIPS status: disabled\n\n"], "inputs": None, "expected": {"result": "failure", "messages": ["SSHD status for Default VRF is enabled"]}, }, + { + "name": "success-4.32", + "test": VerifySSHStatus, + "eos_data": [ + "User certificate authentication methods: none (neither trusted CA nor SSL profile configured)\n" + "SSHD status for Default VRF: disabled\nSSH connection limit: 50\nSSH per host connection limit: 20\nFIPS status: disabled\n\n" + ], + "inputs": None, + "expected": {"result": "success"}, + }, + { + "name": "failure-ssh-enabled-4.32", + "test": VerifySSHStatus, + "eos_data": [ + "User certificate authentication methods: none (neither trusted CA nor SSL profile configured)\n" + "SSHD status for Default VRF: enabled\nSSH connection limit: 50\nSSH per host connection limit: 20\nFIPS status: disabled\n\n" + ], + "inputs": None, + "expected": {"result": "failure", "messages": ["SSHD status for Default VRF: enabled"]}, + }, { "name": "success", "test": VerifySSHIPv4Acl,