From d2956e84529758f9cfd69af1ef9d0eae0c9171287e598ffb08eeb1fc8b5c1ef3 Mon Sep 17 00:00:00 2001
From: "Marc S. Weidner" <msw@coresecret.dev>
Date: Fri, 5 Dec 2025 00:51:35 +0100
Subject: [PATCH] V8.13.536.2025.12.04

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
---
 config/hooks/live/9930_hardening_ssh.chroot | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/config/hooks/live/9930_hardening_ssh.chroot b/config/hooks/live/9930_hardening_ssh.chroot
index 4d47d4a..1cc7cda 100644
--- a/config/hooks/live/9930_hardening_ssh.chroot
+++ b/config/hooks/live/9930_hardening_ssh.chroot
@@ -44,8 +44,11 @@ chmod 0600 /etc/ssh/ssh_host_*_key
 chown root:root /etc/ssh/ssh_host_*_key
 chmod 0644 /etc/ssh/ssh_host_*_key.pub
 chown root:root /etc/ssh/ssh_host_*_key.pub
-chmod 0440 /etc/ssh/*sha256sum.txt
-chown root:root /etc/ssh/*sha256sum.txt
+
+if compgen -G "/etc/ssh/*sha256sum.txt" > /dev/null; then
+  chmod 0440 /etc/ssh/*sha256sum.txt
+  chown root:root /etc/ssh/*sha256sum.txt
+fi
 
 awk '$5 >= 4000' /etc/ssh/moduli >| /etc/ssh/moduli.safe
 rm -rf /etc/ssh/moduli