STIGQter: STIG Summary: Apple OS X 10.14 (Mojave) Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The macOS system must limit the number of concurrent SSH sessions to 10 for all accounts and/or account types.

DISA Rule

SV-209545r610285_rule

Vulnerability Number

V-209545

Group Title

SRG-OS-000027-GPOS-00008

Rule Version

AOSX-14-000050

Severity

CAT II

CCI(s)

CCI-000054 - The information system limits the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number of sessions.

Weight

Fix Recommendation

To configure SSHD to limit the number of sessions, use the following command:

/usr/bin/sudo /usr/bin/sed -i.bak 's/^[\#]*MaxSessions.*/MaxSessions 10/' /etc/ssh/sshd_config

Check Contents

To verify that SSHD is limited to 10 sessions, use the following command:

/bin/cat /etc/ssh/sshd_config | grep MaxSessions

The command must return "MaxSessions 10". If it returns null, or a commented value, or the value is greater than "10", this is a finding.

Vulnerability Number

V-209545

Documentable

False

Rule Version

AOSX-14-000050

Severity Override Guidance

Check Content Reference

Target Key

2930

The macOS system must limit the number of concurrent SSH sessions to 10 for all accounts and/or account types.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments