STIGQter: STIG Summary: Oracle Linux 6 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The SSH daemon must not permit user environment settings.

DISA Rule

SV-208928r603263_rule

Vulnerability Number

V-208928

Group Title

SRG-OS-000242

Rule Version

OL6-00-000241

Severity

CAT III

CCI(s)

CCI-001414 - The information system enforces approved authorizations for controlling the flow of information between interconnected systems based on organization-defined information flow control policies.

Weight

Fix Recommendation

To ensure users are not able to present environment options to the SSH daemon, add or correct the following line in "/etc/ssh/sshd_config":

PermitUserEnvironment no

Check Contents

To ensure users are not able to present environment daemons, run the following command:

# grep PermitUserEnvironment /etc/ssh/sshd_config

If properly configured, output should be:

PermitUserEnvironment no

If it is not, this is a finding.

Vulnerability Number

V-208928

Documentable

False

Rule Version

OL6-00-000241

Severity Override Guidance

Check Content Reference

Target Key

2928

The SSH daemon must not permit user environment settings.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments