UCF STIG Viewer Logo

The remshd service must not be installed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-22431 GEN003825 SV-35129r1_rule DCPP-1 Medium
Description
The remshd process provides a typically unencrypted, host-authenticated remote access service. SSH should be used in place of this service.
STIG Date
HP-UX 11.23 Security Technical Implementation Guide 2015-12-02

Details

Check Text ( C-36536r1_chk )
Determine if remshd is installed/running:
# cat /etc/inetd.conf | tr '\011' ' ' | tr -s ' ' | sed -e 's/^[ \t]*//' | grep -v "^#" | \
grep remshd

If the above command returns any evidence of the remshd service, this is a finding.
Fix Text (F-31900r1_fix)
Uninstall the remshd service from the system.
# cat /etc/inetd.conf | grep -n remshd

Edit the /etc/inetd.conf file and comment the line entry for remshd,
then reconfigure inetd via:

# inetd -c