On AIX, the SSH server must not permit root logins using remote access programs.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-215287 | SRG-OS-000480-GPOS-00227 | AIX7-00-002102 | SV-215287r991589_rule | 2026-02-06 | 3 |
Description
Permitting direct root login reduces auditable information about who ran privileged commands on the system and also allows direct attack attempts on root's password.
ℹ️ Check
Determine if the SSH daemon is configured to disable root logins:
# grep -iE "PermitRootLogin[[:blank:]]*no" /etc/ssh/sshd_config | grep -v \#
If the above command displays a line, the root login is disabled.
If the root login is not disabled, this is a finding.
✔️ Fix
Edit the "/etc/ssh/sshd_config" file to have the following line and save the change:
PermitRootLogin no
Restart SSH daemon:
# stopsrc -s sshd
# startsrc -s sshd