STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The operating system, upon successful logon, must display to the user the date and time of the last logon or access via ssh.

DISA Rule

SV-209056r603263_rule

Vulnerability Number

V-209056

Group Title

SRG-OS-000025

Rule Version

OL6-00-000507

Severity

CAT II

CCI(s)

• CCI-000052 - The information system notifies the user, upon successful logon (access) to the system, of the date and time of the last logon (access).

Weight

10

Fix Recommendation

Update the "PrintLastLog" keyword to "yes" in /etc/ssh/sshd_config:

PrintLastLog yes

While it is acceptable to remove the keyword entirely since the default action for the SSH daemon is to print the last login date and time, it is preferred to have the value explicitly documented.

Check Contents

Verify the value associated with the "PrintLastLog" keyword in /etc/ssh/sshd_config:

# grep -i "^PrintLastLog" /etc/ssh/sshd_config

If the "PrintLastLog" keyword is not present, this is not a finding. If the value is not set to "yes", this is a finding.

Vulnerability Number

V-209056

Documentable

False

Rule Version

OL6-00-000507

Severity Override Guidance

Verify the value associated with the "PrintLastLog" keyword in /etc/ssh/sshd_config:

# grep -i "^PrintLastLog" /etc/ssh/sshd_config

If the "PrintLastLog" keyword is not present, this is not a finding. If the value is not set to "yes", this is a finding.

Check Content Reference

M

Target Key

2928

Comments