Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The SSH daemon must be configured to use only the SSHv2 protocol.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-219560 | OL6-00-000227 | SV-219560r603263_rule | High |
| Description |
|---|
| SSH protocol version 1 suffers from design flaws that result in security vulnerabilities and should not be used. |
| STIG | Date |
|---|---|
| Oracle Linux 6 Security Technical Implementation Guide | 2021-03-01 |
Details
| Check Text ( C-21285r358220_chk ) |
|---|
| To check which SSH protocol version is allowed, run the following command: # grep Protocol /etc/ssh/sshd_config If configured properly, output should be Protocol 2 If it is not, this is a finding. |
| Fix Text (F-21284r358221_fix) |
|---|
| Only SSH protocol version 2 connections should be permitted. The default setting in "/etc/ssh/sshd_config" is correct, and can be verified by ensuring that the following line appears: Protocol 2 |