Exercise 3: Add missing SSH part in SLS code

h3.md

@@ -420,11 +420,17 @@ check_sshd_config:
     - require:
       - pkg: check_sshd_install
 
+prevent_if_ssh_sessions_open:
+  cmd.run:
+    - name: 'if [ $(/bin/netstat -tnpa | grep "ESTABLISHED.*sshd" | wc -l) -gt 0 ]; then false; fi'
+    - require:
+      - file: check_sshd_config
+
 ssh_port:
   cmd.run:
     - name: 'sed -i -r "s/^[#P]+ort [0-9][0-9]*/Port {{ supersecret_ssh_port }}/" /etc/ssh/sshd_config'
     - require:
-      - file: check_sshd_config
+      - cmd: prevent_if_ssh_sessions_open
 
 sshd_restart:
   service.running: