Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Ubuntu operating system must not allow unattended or automatic login via SSH.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-238218 | UBTU-20-010047 | SV-238218r877377_rule | High |
| Description |
|---|
| Failure to restrict system access to authenticated users negatively impacts Ubuntu operating system security. |
| STIG | Date |
|---|---|
| Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide | 2023-12-01 |
Details
| Check Text ( C-41428r858530_chk ) |
|---|
| Verify that unattended or automatic login via SSH is disabled with the following command: $ egrep -r '(Permit(.*?)(Passwords|Environment))' /etc/ssh/sshd_config PermitEmptyPasswords no PermitUserEnvironment no If "PermitEmptyPasswords" or "PermitUserEnvironment" keywords are not set to "no", are missing completely, or are commented out, this is a finding. If conflicting results are returned, this is a finding. |
| Fix Text (F-41387r653828_fix) |
|---|
| Configure the Ubuntu operating system to allow the SSH daemon to not allow unattended or automatic login to the system. Add or edit the following lines in the "/etc/ssh/sshd_config" file: PermitEmptyPasswords no PermitUserEnvironment no Restart the SSH daemon for the changes to take effect: $ sudo systemctl restart sshd.service |