On executing the command ssh-keygen -lf /etc/ssh/ssh_host_dsa_key.pub
I am getting a output where the first few digits represent the key strength. Is there a possible way to validate the key strength using Chef inspec?
Suppose I get 1024...... as the output of the mentioned command, how do I check that it should be 1024 and not other values using Chef Inspec?
use the command resource and match its output. something like the following should do the trick
describe command('ssh-keygen -lf /etc/ssh/ssh_host_dsa_key.pub | awk '{print $1}) do
its('exit_status') { should eq 0 }
its('stdout') { should be >= 1024 }
end