Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Unattended or automatic login via ssh must not be allowed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-75833 | UBTU-16-030250 | SV-90513r2_rule | High |
| Description |
|---|
| Failure to restrict system access to authenticated users negatively impacts Ubuntu operating system security. |
| STIG | Date |
|---|---|
| Canonical Ubuntu 16.04 LTS Security Technical Implementation Guide | 2018-07-18 |
Details
| Check Text ( C-75521r1_chk ) |
|---|
| Verify that unattended or automatic login via ssh is disabled. Check that unattended or automatic login via ssh is disabled with the following command: # egrep '(Permit(.*?)(Passwords|Environment))' /etc/ssh/sshd_config PermitEmptyPasswords no PermitUserEnvironment no If "PermitEmptyPasswords" or "PermitUserEnvironment" keywords are not set to "no", is missing completely, or they are commented out, this is a finding. |
| Fix Text (F-82463r2_fix) |
|---|
| Configure the Ubuntu operating system to allow the SSH daemon to not allow unattended or automatic login to the system. Add or edit the following lines in the "/etc/ssh/sshd_config" file: PermitEmptyPasswords no PermitUserEnvironment no The SSH daemon must be restarted for the changes to take effect. To restart the SSH daemon, run the following command: # sudo systemctl restart sshd.service |