ssh_leaked_keys: adding strings_to_leak flag read_fact

modules/vulnerabilities/unix/system/ssh_leaked_keys/manifests/init.pp

@@ -1,6 +1,7 @@
 class ssh_leaked_keys::init {
   $json_inputs = base64('decode', $::base64_inputs)
   $secgen_parameters = parsejson($json_inputs)
+  $strings_to_leak = $secgen_parameters['strings_to_leak']
 
   $accounts = $secgen_parameters['accounts']
   $accounts.each |$raw_account| {
@@ -9,7 +10,7 @@ class ssh_leaked_keys::init {
       ssh_leaked_keys::account { "ssh_leaked_keys_$username":
         username         => $username,
         password         => $account['password'],
-        strings_to_leak  => $account['strings_to_leak'],
+        strings_to_leak  => $strings_to_leak,
         leaked_filenames => $account['leaked_filenames']
       }
     }

modules/vulnerabilities/unix/system/ssh_leaked_keys/secgen_metadata.xml

@@ -10,16 +10,21 @@
   <description>Adds a ssh enabled account which has keys leaked in user dir.</description>
 
   <type>system</type>
-  <privilege>none</privilege>
+  <privilege>user_rwx</privilege>
   <access>local</access>
   <platform>linux</platform>
 
+  <read_fact>strings_to_leak</read_fact>
   <read_fact>accounts</read_fact>
 
+  <default_input into="strings_to_leak">
+    <generator type="flag_generator"/>
+  </default_input>
+
   <default_input into="accounts">
     <generator type="account">
       <input into="password">
-        <generator module_path="modules/generators/random/random_base64"/>
+        <generator module_path=".*strong_password.*"/>
       </input>
     </generator>
   </default_input>
@@ -31,4 +36,7 @@
     <module_path>utilities/unix/system/accounts</module_path>
   </requires>
 
+  <requires>
+    <privilege>user_rw</privilege>
+  </requires>
 </vulnerability>