STIGQter STIGQter: STIG Summary: Red Hat Enterprise Linux 8 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

All RHEL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.

DISA Rule

SV-230526r627750_rule

Vulnerability Number

V-230526

Group Title

SRG-OS-000423-GPOS-00187

Rule Version

RHEL-08-040160

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Install SSH packages onto the host with the following commands:

$ sudo yum install openssh-server.x86_64

Configure the SSH service to automatically start after reboot with the following command:

$ sudo systemctl enable sshd.service

Check Contents

Verify SSH is loaded and active with the following command:

$ sudo systemctl status sshd

sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
Active: active (running) since Tue 2015-11-17 15:17:22 EST; 4 weeks 0 days ago
Main PID: 1348 (sshd)
CGroup: /system.slice/sshd.service
1053 /usr/sbin/sshd -D

If "sshd" does not show a status of "active" and "running", this is a finding.

If the "SSH server" package is not installed, this is a finding.

Vulnerability Number

V-230526

Documentable

False

Rule Version

RHEL-08-040160

Severity Override Guidance

Verify SSH is loaded and active with the following command:

$ sudo systemctl status sshd

sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
Active: active (running) since Tue 2015-11-17 15:17:22 EST; 4 weeks 0 days ago
Main PID: 1348 (sshd)
CGroup: /system.slice/sshd.service
1053 /usr/sbin/sshd -D

If "sshd" does not show a status of "active" and "running", this is a finding.

If the "SSH server" package is not installed, this is a finding.

Check Content Reference

M

Target Key

2921

Comments