Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-230764 | APPL-11-000051 | SV-230764r599842_rule | Medium |
| Description |
|---|
| If SSH is not being used, this is Not Applicable. The SSH daemon "ClientAliveInterval" option must be set correctly. To check the idle timeout setting for SSH sessions, run the following: /usr/bin/grep ^ClientAliveInterval /etc/ssh/sshd_config If the setting is not "900" or less, this is a finding. |
| STIG | Date |
|---|---|
| Apple macOS 11 (Big Sur) Security Technical Implementation Guide | 2020-11-27 |
Details
| Check Text ( C-33709r591414_chk ) |
|---|
| The SSH daemon "ClientAliveInterval" option must be set correctly. To check the idle timeout setting for SSH sessions, run the following: /usr/bin/grep ^ClientAliveInterval /etc/ssh/sshd_config If the setting is not "900" or less, this is a finding. |
| Fix Text (F-33682r591415_fix) |
|---|
| To ensure that "ClientAliveInterval" is set correctly, run the following command: /usr/bin/sudo /usr/bin/sed -i.bak 's/.*ClientAliveInterval.*/ClientAliveInterval 900/' /etc/ssh/sshd_config |