UCF STIG Viewer Logo

The SSH daemon must not permit user environment settings.


Overview

Finding ID Version Rule ID IA Controls Severity
V-63201 ESXI-06-000016 SV-77691r1_rule Medium
Description
SSH environment options potentially allow users to bypass access restriction in some configurations.
STIG Date
VMware vSphere ESXi 6.0 Security Technical Implementation Guide 2019-01-04

Details

Check Text ( C-63935r1_chk )
To verify users are not able to present environment daemons, run the following command:

# grep -i "^PermitUserEnvironment" /etc/ssh/sshd_config

If there is no output or the output is not exactly "PermitUserEnvironment no", this is a finding.
Fix Text (F-69119r1_fix)
To ensure users are not able to present environment options to the SSH daemon, add or correct the following line in "/etc/ssh/sshd_config":

PermitUserEnvironment no