The Photon operating system must protect sshd configuration from unauthorized access.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-256581 | SRG-OS-000480-GPOS-00227 | PHTN-30-000112 | SV-256581r991589_rule | 2024-12-16 | 1 |
Description
The "sshd_config" file contains all the configuration items for sshd. Incorrect or malicious configuration of sshd can allow unauthorized access to the system, insecure communication, limited forensic trail, etc.
ℹ️ Check
At the command line, run the following command:
# stat -c "%n permissions are %a and owned by %U:%G" /etc/ssh/sshd_config
Expected result:
/etc/ssh/sshd_config permissions are 600 and owned by root:root
If the output does not match the expected result, this is a finding.
✔️ Fix
At the command line, run the following commands:
# chmod 600 /etc/ssh/sshd_config
# chown root:root /etc/ssh/sshd_config