Privilege separation conditional check

[sfuerte]

Describe the bug
The subject option has been deprecated since OpenSSH 7.5 (https://www.openssh.com/txt/release-7.5), hence the check shall be conditional.

Expected behavior
No error

Actual behavior

  ×  sshd-16: Server: Use privilege separation
     ×  SSHD Configuration UsePrivilegeSeparation is expected to eq "sandbox"

     expected: "sandbox"
          got: nil

     (compared using ==)

OS / Environment

$ lsb_release -d
Description:	Ubuntu 20.04 LTS

$ ssh -V
OpenSSH_8.2p1 Ubuntu-4, OpenSSL 1.1.1f  31 Mar 2020

Inspec Version

$ inspec --version
4.18.114

Baseline Version

name: ssh-baseline
title: DevSec SSH Baseline
maintainer: DevSec Hardening Framework Team
copyright: DevSec Hardening Framework Team
copyright_email: [email protected]
license: Apache-2.0
summary: Test-suite for best-practice SSH hardening
version: 2.5.6
supports:
  - os-family: unix

[chris-rock]

@sfuerte Thank you for the hint. I suggest we change the test to ensure that it is not set at all. This allows us to ensure the defaults are used. Any PR is welcome.

[micheelengronne]

Agreed. Openssh 7.5 is 3 years old. If someone still uses a previous version of SSH, it is another level of problems than this profile can solve.

[micheelengronne]

#171