flybyray closed this 5 years ago
@flybyray the `sshd.sh` script isn't currently being used. You can run `grep sshd *.json | grep scripts` to confirm.

The script you found was written specifically for CentOS/RHEL, and was copied into the Fedora script directories because the Fedora configs are based on the CentOS/RHEL config. If you would like to update the script for Fedora, please send it along... however, the most important function of that module was removing the SSHD host keys, and that is taken care of by the common `keys` module. The second most important function was ensuring 4K RSA keys were used... but that is less relevant with the shift towards Ed25519.

If you did want to add an SSHD hardening module, it seems the relevant Fedora bits are in `/usr/libexec/openssh/sshd-keygen`.
https://github.com/lavabit/robox/blob/bf8b79139e122d9e6d95e439434d2737982644c8/scripts/fedora29/sshd.sh#L21
https://fedoraproject.org/wiki/Changes/Remove_slogin_and_sshd-keygen