Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The SSH daemon must perform strict mode checking of home directory configuration files.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-22485 | GEN005536 | SV-64067r1_rule | Medium |
| Description |
|---|
| If other users have access to modify user-specific SSH configuration files, they may be able to log into the system as another user. |
| STIG | Date |
|---|---|
| Oracle Linux 5 Security Technical Implementation Guide | 2018-10-03 |
Details
| Check Text ( C-52479r2_chk ) |
|---|
| Check the SSH daemon configuration for the StrictModes setting. # grep -i StrictModes /etc/ssh/sshd_config | grep -v '^#' If the setting is not present, or not set to "yes", this is a finding. |
| Fix Text (F-54595r2_fix) |
|---|
| Edit the SSH daemon configuration and add or edit the "StrictModes" setting value to "yes". Restart the SSH daemon. # /sbin/service sshd restart |