UCF STIG Viewer Logo

The SUSE operating system must not allow unattended or automatic logon via SSH.


Overview

Finding ID Version Rule ID IA Controls Severity
V-77451 SLES-12-030150 SV-92147r1_rule High
Description
Failure to restrict system access via SSH to authenticated users negatively impacts SUSE operating system security.
STIG Date
SLES 12 Security Technical Implementation Guide 2018-09-27

Details

Check Text ( C-77009r1_chk )
Verify the SUSE operating system disables unattended or automatic logon via SSH.

Check that unattended or automatic logon via SSH is disabled with the following command:

# sudo egrep '(Permit(.*?)(Passwords|Environment))' /etc/ssh/sshd_config

PermitEmptyPasswords no
PermitUserEnvironment no

If "PermitEmptyPasswords" or "PermitUserEnvironment" keywords are not set to "no", are missing completely, or are commented out, this is a finding.
Fix Text (F-84091r1_fix)
Configure the SUSE operating system disables unattended or automatic logon via SSH.

Add or edit the following lines in the "/etc/ssh/sshd_config" file:

PermitEmptyPasswords no
PermitUserEnvironment no