openssh CIS compliance
* CIS 5.2.1 Ensure permissions on /etc/ssh/sshd_config are configured (Scored)
* CIS 5.2.2 Ensure SSH Protocol is set to 2 (Scored)
* CIS 5.2.3 Ensure SSH LogLevel is set to INFO (Scored)
* CIS 5.2.4 Ensure SSH X11 forwarding is disabled (Scored)
* CIS 5.2.5 Ensure SSH MaxAuthTries is set to 4 or less (Scored)
* CIS 5.2.6 Ensure SSH IgnoreRhosts is enabled (Scored)
* CIS 5.2.7 Ensure SSH HostbasedAuthentication is disabled (Scored)
* CIS 5.2.8 Ensure SSH root login is disabled (Scored)
* CIS 5.2.9 Ensure SSH PermitEmptyPasswords is disabled (Scored)
* CIS 5.2.10 Ensure SSH PermitUserEnvironment is disabled (Scored)
* CIS 5.2.11 Ensure only approved MAC algorithms are used (Scored)
* CIS 5.2.12 Ensure SSH Idle Timeout Interval is configured (Scored)
* CIS 5.2.13 Ensure SSH LoginGraceTime is set to one minute or less (Scored)
* CIS 5.2.14 Ensure SSH access is limited (Scored)
* CIS 5.2.15 Ensure SSH warning banner is configured (Scored)
Change-Id: Ie53dbdfada27bdb08d3571be10e0de95117a1a17
diff --git a/metadata/service/server/cis/init.yml b/metadata/service/server/cis/init.yml
new file mode 100644
index 0000000..8c6400e
--- /dev/null
+++ b/metadata/service/server/cis/init.yml
@@ -0,0 +1,14 @@
+classes:
+- service.openssh.server.cis.cis-5-2-2
+- service.openssh.server.cis.cis-5-2-3
+- service.openssh.server.cis.cis-5-2-4
+- service.openssh.server.cis.cis-5-2-5
+- service.openssh.server.cis.cis-5-2-6
+- service.openssh.server.cis.cis-5-2-7
+- service.openssh.server.cis.cis-5-2-8
+- service.openssh.server.cis.cis-5-2-9
+- service.openssh.server.cis.cis-5-2-10
+- service.openssh.server.cis.cis-5-2-11
+- service.openssh.server.cis.cis-5-2-12
+- service.openssh.server.cis.cis-5-2-13
+- service.openssh.server.cis.cis-5-2-15