Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Consecutive login attempts for SSH must be limited to 3.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-216352 | SOL-11.1-040340 | SV-216352r959010_rule | Low |
| Description |
|---|
| Setting the authentication login limit to a low value will disconnect the attacker and force a reconnect, which severely limits the speed of such brute-force attacks. |
| STIG | Date |
|---|---|
| Solaris 11 SPARC Security Technical Implementation Guide | 2024-05-30 |
Details
| Check Text ( C-17588r462490_chk ) |
|---|
| Determine if consecutive login attempts are limited to 3. # grep "^MaxAuthTries" /etc/ssh/sshd_config | grep -v Log If the output of this command is not: MaxAuthTries 6 this is a finding. Note: Solaris SSH MaxAuthTries of 6 maps to 3 actual failed attempts. |
| Fix Text (F-17586r462491_fix) |
|---|
| The root role is required. Modify the sshd_config file. # pfedit /etc/ssh/sshd_config Locate the line containing: MaxAuthTries Change it to: MaxAuthTries 6 Restart the SSH service. # svcadm restart svc:/network/ssh Note: Solaris SSH MaxAuthTries of 6 maps to 3 actual failed attempts. |