STIGQter: STIG Summary: SLES 12 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The SUSE operating system must deny direct logons to the root account using remote access via SSH.

DISA Rule

SV-217267r603262_rule

Vulnerability Number

V-217267

Group Title

SRG-OS-000109-GPOS-00056

Rule Version

SLES-12-030140

Severity

CAT II

CCI(s)

• CCI-000770 - The organization requires individuals to be authenticated with an individual authenticator when a group authenticator is employed.

Weight

10

Fix Recommendation

Configure the SUSE operating system to deny direct logons to the root account using remote access via SSH.

Edit the appropriate "/etc/ssh/sshd_config" file, add or uncomment the line for "PermitRootLogin" and set its value to "no" (this file may be named differently or be in a different location):

PermitRootLogin no

Check Contents

Verify the SUSE operating system denies direct logons to the root account using remote access via SSH.

Check that SSH denies any user trying to log on directly as root with the following command:

# sudo grep -i permitrootlogin /etc/ssh/sshd_config
PermitRootLogin no

If the "PermitRootLogin" keyword is set to "yes", is missing, or is commented out, this is a finding.

Vulnerability Number

V-217267

Documentable

False

Rule Version

SLES-12-030140

Severity Override Guidance

Verify the SUSE operating system denies direct logons to the root account using remote access via SSH.

Check that SSH denies any user trying to log on directly as root with the following command:

# sudo grep -i permitrootlogin /etc/ssh/sshd_config
PermitRootLogin no

If the "PermitRootLogin" keyword is set to "yes", is missing, or is commented out, this is a finding.

Check Content Reference

M

Target Key

4033

Comments