STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021: STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:SV-238213r653814_rule
V-238213
SRG-OS-000163-GPOS-00072
UBTU-20-010037
CAT II
10
Configure the Ubuntu operating system to automatically terminate all network connections associated with SSH traffic at the end of a session or after a 10-minute period of inactivity.
Modify or append the following line in the "/etc/ssh/sshd_config" file replacing "[Interval]" with a value of "600" or less:
ClientAliveInterval 600
Restart the SSH daemon for the changes to take effect:
$ sudo systemctl restart sshd.service
Verify that all network connections associated with SSH traffic are automatically terminated at the end of the session or after 10 minutes of inactivity.
Verify the "ClientAliveInterval" variable is set to a value of "600" or less by performing the following command:
$ sudo grep -i clientalive /etc/ssh/sshd_config
ClientAliveInterval 600
If "ClientAliveInterval" does not exist, is not set to a value of "600" or less in "/etc/ssh/sshd_config", or is commented out, this is a finding.
V-238213
False
UBTU-20-010037
Verify that all network connections associated with SSH traffic are automatically terminated at the end of the session or after 10 minutes of inactivity.
Verify the "ClientAliveInterval" variable is set to a value of "600" or less by performing the following command:
$ sudo grep -i clientalive /etc/ssh/sshd_config
ClientAliveInterval 600
If "ClientAliveInterval" does not exist, is not set to a value of "600" or less in "/etc/ssh/sshd_config", or is commented out, this is a finding.
M
5318