STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

The SUSE operating system SSH daemon must perform strict mode checking of home directory configuration files.

DISA Rule

SV-235010r622137_rule

Vulnerability Number

V-235010

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

SLES-15-040260

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the SUSE operating system SSH daemon performs strict mode checking of home directory configuration files.

Uncomment the "StrictModes" keyword in "/etc/ssh/sshd_config" and set the value to "yes":

StrictModes yes

Check Contents

Verify the SUSE operating system SSH daemon performs strict mode checking of home directory configuration files.

Check that the SSH daemon performs strict mode checking of home directory configuration files with the following command:

> sudo grep -i strictmodes /etc/ssh/sshd_config

StrictModes yes

If "StrictModes" is set to "no", is missing, or the returned line is commented out, this is a finding.

Vulnerability Number

V-235010

Documentable

False

Rule Version

SLES-15-040260

Severity Override Guidance

Verify the SUSE operating system SSH daemon performs strict mode checking of home directory configuration files.

Check that the SSH daemon performs strict mode checking of home directory configuration files with the following command:

> sudo grep -i strictmodes /etc/ssh/sshd_config

StrictModes yes

If "StrictModes" is set to "no", is missing, or the returned line is commented out, this is a finding.

Check Content Reference

M

Target Key

5274

Comments