STIGQter: STIG Summary: Solaris 10 X86 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 22 Jan 2021:

The system must not permit root logins using remote access programs such as SSH.

DISA Rule

SV-227609r603266_rule

Vulnerability Number

V-227609

Group Title

SRG-OS-000109

Rule Version

GEN001120

Severity

CAT II

CCI(s)

• CCI-000770 - The organization requires individuals to be authenticated with an individual authenticator when a group authenticator is employed.

Weight

10

Fix Recommendation

Edit the configuration file and set the PermitRootLogin option to no.

Check Contents

Determine if the SSH daemon is configured to permit root logins.

Procedure:
# grep -v "^#" /etc/ssh/sshd_config | grep -i permitrootlogin

If the PermitRootLogin entry is not found or is not set to "no", this is a finding.

Vulnerability Number

V-227609

Documentable

False

Rule Version

GEN001120

Severity Override Guidance

Determine if the SSH daemon is configured to permit root logins.

Procedure:
# grep -v "^#" /etc/ssh/sshd_config | grep -i permitrootlogin

If the PermitRootLogin entry is not found or is not set to "no", this is a finding.

Check Content Reference

M

Target Key

4061

Comments