Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-39265 | GEN005519-ESXI5-000102 | SV-51081r1_rule | Medium |
Description |
---|
X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection and should not be enabled unless needed. |
STIG | Date |
---|---|
VMware ESXi Server 5.0 Security Technical Implementation Guide | 2015-02-10 |
Check Text ( C-46529r1_chk ) |
---|
Disable lock down mode. Enable the ESXi Shell. Check the SSH daemon configuration for the X11 forwarding setting. # grep -i "^X11Forwarding" /etc/ssh/sshd_config If "X11Forwarding" is set to "yes", this is a finding. Re-enable lock down mode. |
Fix Text (F-44244r1_fix) |
---|
Disable lock down mode. Enable the ESXi Shell. Edit the SSH daemon configuration and add/modify the "X11Forwarding" configuration, setting it to "no". # vi /etc/ssh/sshd_config Re-enable lock down mode. |