STIGQter: STIG Summary: VMware vRealize Automation 7.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must display the Standard Mandatory DoD Notice and Consent Banner before granting access via SSH.

DISA Rule

SV-100123r1_rule

Vulnerability Number

V-89473

Group Title

SRG-OS-000023-GPOS-00006

Rule Version

VRAU-SL-000030

Severity

CAT II

CCI(s)

• CCI-000048 - The information system displays an organization-defined system use notification message or banner before granting access to the system that provides privacy and security notices consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.

Weight

10

Fix Recommendation

To configure the SSH daemon for the logon warning banners, modify /etc/ssh/sshd_config with the following command:

# sed -i "/^[^#]*Banner/ c\Banner /etc/issue" /etc/ssh/sshd_config

The SSH service will need to be restarted after the above change has been made to SSH. This can be done by running the following command:

# service sshd restart

Check Contents

Check that the SSH daemon is configured for logon warning banners:

# grep -i banner /etc/ssh/sshd_config | grep -v '#'

If the output does not contain "Banner /etc/issue", this is a finding.

Vulnerability Number

V-89473

Documentable

False

Rule Version

VRAU-SL-000030

Severity Override Guidance

Check that the SSH daemon is configured for logon warning banners:

# grep -i banner /etc/ssh/sshd_config | grep -v '#'

If the output does not contain "Banner /etc/issue", this is a finding.

Check Content Reference

M

Target Key

3459

Comments