add check for RSA HostKey

Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>

Author: schurzi

controls/sshd_spec.rb

@@ -520,3 +520,18 @@
     its('commands.first') { should_not match(/-oHostKeyAlgorithms/) }
   end
 end
+
+control 'sshd-50' do
+  impact 1.0
+  title 'Server: RSA HostKey size'
+  desc 'Verifies if RSA HostKey size >= 4096'
+  only_if('RSA HostKey exists') do
+    file("#{sshd_custom_hostkeys_path}/ssh_host_rsa_key").exists?
+  end
+
+  describe bash("test $(ssh-keygen -l -f #{sshd_custom_hostkeys_path}/ssh_host_rsa_key | awk '$1 < 4096 { print $1 }' | wc -l) -eq 0") do
+    its('exit_status') { should eq 0 }
+    its('stdout') { should eq '' }
+    its('stderr') { should eq '' }
+  end
+end