Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Ubuntu operating system must not allow unattended or automatic login via ssh.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-219314 | UBTU-18-010424 | SV-219314r610963_rule | High |
| Description |
|---|
| Failure to restrict system access to authenticated users negatively impacts Ubuntu operating system security. |
| STIG | Date |
|---|---|
| Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide | 2020-12-09 |
Details
| Check Text ( C-21039r305270_chk ) |
|---|
| Verify that unattended or automatic login via ssh is disabled. Check that unattended or automatic login via ssh is disabled with the following command: # egrep '(Permit(.*?)(Passwords|Environment))' /etc/ssh/sshd_config PermitEmptyPasswords no PermitUserEnvironment no If "PermitEmptyPasswords" or "PermitUserEnvironment" keywords are not set to "no", are missing completely, or they are commented out, this is a finding. |
| Fix Text (F-21038r305271_fix) |
|---|
| Configure the Ubuntu operating system to allow the SSH daemon to not allow unattended or automatic login to the system. Add or edit the following lines in the "/etc/ssh/sshd_config" file: PermitEmptyPasswords no PermitUserEnvironment no In order for the changes to take effect, the SSH daemon must be restarted. # sudo systemctl restart sshd.service |