The SSH daemon must restrict login ability to specific users and/or groups.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-22470 | GEN005521 | SV-26763r1_rule | ECLP-1 | Medium |
| Description |
|---|
| Restricting SSH logins to a limited group of users, such as system administrators, prevents password-guessing and other SSH attacks from reaching system accounts and other accounts not authorized for SSH access. |
| STIG | Date |
|---|---|
| SOLARIS 9 X86 SECURITY TECHNICAL IMPLEMENTATION GUIDE | 2015-10-01 |
Details
| Check Text ( C-27772r1_chk ) |
|---|
| Check the SSH daemon configuration for the AllowGroups setting. # grep -i AllowGroups /etc/ssh/sshd_config | grep -v '^#' If no lines are returned, this is a finding. |
| Fix Text (F-24013r1_fix) |
|---|
| Edit the SSH daemon configuration and add an AllowGroups directive. |