The operating system must terminate all sessions and network connections when nonlocal maintenance is completed.


Overview

Finding ID: V-216399
Version: SOL-11.1-050460
Rule ID: SV-216399r986416_rule
IA Controls:
Severity: Medium
Description
Nonlocal maintenance and diagnostic activities are those activities conducted by individuals communicating through a network, either an external network (e.g., the internet) or an internal network. The operating system needs to ensure all sessions and network connections are terminated when nonlocal maintenance is completed.
STIG: Solaris 11 SPARC Security Technical Implementation Guide
Date: 2024-05-30

Details

Check Text (C-17635r986415_chk)
Determine if SSH is configured to disconnect sessions after 10 minutes of inactivity.

# grep ClientAlive /etc/ssh/sshd_config

If the output of this command is not the following, this is a finding.

ClientAliveInterval 600
ClientAliveCountMax 0
Fix Text (F-17633r371286_fix)
The root role is required.

Configure the system to disconnect SSH sessions after 10 minutes of inactivity.

# pfedit /etc/ssh/sshd_config

Insert the two lines:

ClientAliveInterval 600
ClientAliveCountMax 0

Restart the SSH service with the new configuration.

# svcadm restart svc:/network/ssh
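
To confirm the configuration after the restart, the script below automates the comparison in the Check Text. It is an added example, not part of the STIG; the function name check_clientalive is hypothetical. It assumes keywords are matched case-insensitively, as OpenSSH does, and it reports every uncommented line that carries a different value.

```shell
#!/bin/sh
# Added example, not part of the STIG. check_clientalive is a hypothetical
# helper name; the default path is the file named in the Check Text.
check_clientalive() {
    cfg="${1:-/etc/ssh/sshd_config}"
    [ -r "$cfg" ] || { echo "FINDING: cannot read $cfg"; return 2; }
    awk '
        BEGIN {
            want["clientaliveinterval"] = "600"
            want["clientalivecountmax"] = "0"
        }
        {
            sub(/#.*/, "")      # ignore comment text
            if (NF < 2) next
            key = tolower($1)   # compare keywords case-insensitively
            if (!(key in want)) next
            seen[key] = 1
            # Any active line with another value is reported, so the result
            # does not depend on which duplicate sshd would honour.
            if ($2 != want[key]) {
                printf "FINDING: line %d sets %s to %s (required %s)\n", NR, $1, $2, want[key]
                bad = 1
            }
        }
        END {
            for (k in want)
                if (!(k in seen)) {
                    printf "FINDING: %s has no active setting\n", k
                    bad = 1
                }
            exit (bad ? 1 : 0)
        }
    ' "$cfg"
}

# Constructed sample: one required line is commented out.
sample=$(mktemp)
printf '%s\n' '#ClientAliveInterval 600' 'ClientAliveCountMax 0' > "$sample"
check_clientalive "$sample" || echo "sample is non-compliant"
rm -f "$sample"
```

The function returns 0 when both settings are present with the required values, 1 when there is a finding, and 2 when the file cannot be read.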