STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

The SUSE operating system must deny direct logons to the root account using remote access via SSH.

DISA Rule

SV-234870r622137_rule

Vulnerability Number

V-234870

Group Title

SRG-OS-000109-GPOS-00056

Rule Version

SLES-15-020040

Severity

CAT II

CCI(s)

• CCI-000770 - The organization requires individuals to be authenticated with an individual authenticator when a group authenticator is employed.

Weight

10

Fix Recommendation

Configure the SUSE operating system to deny direct logons to the root account using remote access via SSH.

Edit the appropriate "/etc/ssh/sshd_config" file, add or uncomment the line for "PermitRootLogin" and set its value to "no" (this file may be named differently or be in a different location):

PermitRootLogin no

Check Contents

Verify the SUSE operating system denies direct logons to the root account using remote access via SSH.

Check that SSH denies any user trying to log on directly as root with the following command:

> sudo grep -i permitrootlogin /etc/ssh/sshd_config
PermitRootLogin no

If the "PermitRootLogin" keyword is set to "yes", is missing, or is commented out, this is a finding.

Vulnerability Number

V-234870

Documentable

False

Rule Version

SLES-15-020040

Severity Override Guidance

Verify the SUSE operating system denies direct logons to the root account using remote access via SSH.

Check that SSH denies any user trying to log on directly as root with the following command:

> sudo grep -i permitrootlogin /etc/ssh/sshd_config
PermitRootLogin no

If the "PermitRootLogin" keyword is set to "yes", is missing, or is commented out, this is a finding.

Check Content Reference

M

Target Key

5274

Comments