STIGQter STIGQter: STIG Summary: Red Hat Enterprise Linux 7 Security Technical Implementation Guide Version: 3 Release: 3 Benchmark Date: 23 Apr 2021:

The Red Hat Enterprise Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission.

DISA Rule

SV-204586r603261_rule

Vulnerability Number

V-204586

Group Title

SRG-OS-000423-GPOS-00187

Rule Version

RHEL-07-040310

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the SSH service to automatically start after reboot with the following command:

# systemctl enable sshd.service

Check Contents

Verify SSH is loaded and active with the following command:

# systemctl status sshd
sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
Active: active (running) since Tue 2015-11-17 15:17:22 EST; 4 weeks 0 days ago
Main PID: 1348 (sshd)
CGroup: /system.slice/sshd.service
1053 /usr/sbin/sshd -D

If "sshd" does not show a status of "active" and "running", this is a finding.

Vulnerability Number

V-204586

Documentable

False

Rule Version

RHEL-07-040310

Severity Override Guidance

Verify SSH is loaded and active with the following command:

# systemctl status sshd
sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
Active: active (running) since Tue 2015-11-17 15:17:22 EST; 4 weeks 0 days ago
Main PID: 1348 (sshd)
CGroup: /system.slice/sshd.service
1053 /usr/sbin/sshd -D

If "sshd" does not show a status of "active" and "running", this is a finding.

Check Content Reference

M

Target Key

2899

Comments