STIGQter STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The SSH daemon must be configured with the Department of Defense (DoD) login banner.

DISA Rule

SV-208927r603263_rule

Vulnerability Number

V-208927

Group Title

SRG-OS-000023

Rule Version

OL6-00-000240

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

To enable the warning banner and ensure it is consistent across the system, add or correct the following line in "/etc/ssh/sshd_config":

Banner /etc/issue

Another section contains information on how to create an appropriate system-wide warning banner.

Check Contents

To determine how the SSH daemon's "Banner" option is set, run the following command:

# grep -i Banner /etc/ssh/sshd_config

If a line indicating /etc/issue is returned, then the required value is set.
If the required value is not set, this is a finding.

Vulnerability Number

V-208927

Documentable

False

Rule Version

OL6-00-000240

Severity Override Guidance

To determine how the SSH daemon's "Banner" option is set, run the following command:

# grep -i Banner /etc/ssh/sshd_config

If a line indicating /etc/issue is returned, then the required value is set.
If the required value is not set, this is a finding.

Check Content Reference

M

Target Key

2928

Comments