UCF STIG Viewer Logo

The Photon operating system must configure sshd with a specific ListenAddress.


Finding ID Version Rule ID IA Controls Severity
V-239126 PHTN-67-000055 SV-239126r675186_rule Medium
Without specifying a ListenAddress, sshd will listen on all interfaces. In situations with multiple interfaces, this may not be intended behavior and could lead to offering remote access on an unapproved network.
VMware vSphere 6.7 Photon OS Security Technical Implementation Guide 2022-06-17


Check Text ( C-42337r675184_chk )
At the command line, execute the following command:

# sshd -T|&grep -i ListenAddress

If the ListenAddress is not configured to the VCSA management IP, this is a finding.
Fix Text (F-42296r675185_fix)
Open /etc/ssh/sshd_config with a text editor.

Ensure that the "ListenAddress" line is uncommented and set to a valid local IP:



Replace "" with the management address of the VCSA.

At the command line, execute the following command:

# service sshd reload