STIGQter STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

The SUSE operating system must log SSH connection attempts and failures to the server.

DISA Rule

SV-234815r622137_rule

Vulnerability Number

V-234815

Group Title

SRG-OS-000032-GPOS-00013

Rule Version

SLES-15-010150

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure SSH to verbosely log connection attempts and failed logon attempts to the SUSE operating system.

Add or update the following line in the "/etc/ssh/sshd_config" file:

LogLevel VERBOSE

The SSH service will need to be restarted in order for the changes to take effect.

Check Contents

Verify SSH is configured to verbosely log connection attempts and failed logon attempts to the SUSE operating system.

Check that the SSH daemon configuration verbosely logs connection attempts and failed logon attempts to the server with the following command:

> sudo grep -i loglevel /etc/ssh/sshd_config

The output message must contain the following text:

LogLevel VERBOSE

If the output message does not contain "VERBOSE", the LogLevel keyword is missing, or the line is commented out, this is a finding.

Vulnerability Number

V-234815

Documentable

False

Rule Version

SLES-15-010150

Severity Override Guidance

Verify SSH is configured to verbosely log connection attempts and failed logon attempts to the SUSE operating system.

Check that the SSH daemon configuration verbosely logs connection attempts and failed logon attempts to the server with the following command:

> sudo grep -i loglevel /etc/ssh/sshd_config

The output message must contain the following text:

LogLevel VERBOSE

If the output message does not contain "VERBOSE", the LogLevel keyword is missing, or the line is commented out, this is a finding.

Check Content Reference

M

Target Key

5274

Comments