
AIX SSH daemon must perform strict mode checking of home directory configuration files.


Overview

Finding ID: V-215299
Version: AIX7-00-002116
Rule ID: SV-215299r508663_rule
IA Controls:
Severity: Medium
Description
If other users have access to modify user-specific SSH configuration files, they may be able to log into the system as another user.
STIG: IBM AIX 7.x Security Technical Implementation Guide
Date: 2021-11-19

Details

Check Text ( C-16497r294348_chk )
Check the SSH daemon configuration for the "StrictModes" setting using command:

# grep -i StrictModes /etc/ssh/sshd_config | grep -v '^#'
StrictModes yes

If the setting is missing or is set to "no", this is a finding.
Fix Text (F-16495r294349_fix)
Edit the "/etc/ssh/sshd_config" file and add or change the "StrictModes" setting to "yes".

Restart the SSH daemon:
# stopsrc -s sshd
# startsrc -s sshd
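
An added example, not part of the STIG text: a POSIX shell function that performs the check above while following how sshd reads its configuration (keywords are case-insensitive, lines may be indented, and the first value obtained for a keyword is the one that takes effect). The function name check_strictmodes and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: report whether the effective StrictModes value is "yes".
# Returns 0 when compliant, 1 when the STIG check would be a finding.
check_strictmodes() {
    conf=${1:-/etc/ssh/sshd_config}    # default path from the check text
    [ -r "$conf" ] || { echo "FINDING: cannot read $conf"; return 1; }

    # Print the value of the first active StrictModes line, lowercased.
    value=$(awk '
        { sub(/^[ \t]+/, "") }          # ignore leading whitespace
        /^#/ || /^$/ { next }           # skip comments and blank lines
        {
            sub(/[ \t]*=[ \t]*/, " ")   # accept "StrictModes=yes"
            if (tolower($1) == "strictmodes") {
                v = tolower($2)
                gsub(/"/, "", v)        # accept a quoted value
                print v
                exit                    # first obtained value wins
            }
        }' "$conf")

    case "$value" in
        yes) echo "OK: StrictModes yes"; return 0 ;;
        "")  echo "FINDING: StrictModes not set in $conf"; return 1 ;;
        *)   echo "FINDING: StrictModes $value"; return 1 ;;   # "no" or invalid
    esac
}

# Constructed sample: an indented comment plus a duplicate keyword.
# A plain grep shows "StrictModes yes" twice, yet the active value is "no".
sample=$(mktemp)
printf '%s\n' '  # StrictModes yes' 'strictmodes no' 'StrictModes yes' > "$sample"
check_strictmodes "$sample" || true     # prints: FINDING: StrictModes no
rm -f "$sample"
```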