STIGQter STIGQter: STIG Summary: Oracle Linux 5 Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 26 Oct 2018: The SSH daemon must not allow rhosts RSA authentication.

DISA Rule

SV-64081r1_rule

Vulnerability Number

V-22487

Group Title

GEN005538

Rule Version

GEN005538

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit the SSH daemon configuration and add or edit the "RhostsRSAAuthentication" setting value to "no".

Restart the SSH daemon.
# /sbin/service sshd restart

Check Contents

Check the SSH daemon configuration for the RhostsRSAAuthentication setting.

# grep -i RhostsRSAAuthentication /etc/ssh/sshd_config | grep -v '^#'

If the setting is set to "yes", this is a finding.

Vulnerability Number

V-22487

Documentable

False

Rule Version

GEN005538

Severity Override Guidance

Check the SSH daemon configuration for the RhostsRSAAuthentication setting.

# grep -i RhostsRSAAuthentication /etc/ssh/sshd_config | grep -v '^#'

If the setting is set to "yes", this is a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

2207

Comments