STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must display the Standard Mandatory DoD Notice and Consent Banner before granting access via SSH.

DISA Rule

SV-99013r1_rule

Vulnerability Number

V-88363

Group Title

SRG-OS-000023-GPOS-00006

Rule Version

VROM-SL-000030

Severity

CAT II

CCI(s)

• CCI-000048 - The information system displays an organization-defined system use notification message or banner before granting access to the system that provides privacy and security notices consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.

Weight

10

Fix Recommendation

To configure the SSH daemon with the logon warning banners, modify /etc/ssh/sshd_config execute the following command:

# sed -i "/^[^#]*Banner/ c\Banner /etc/issue" /etc/ssh/sshd_config

The SSH service will need to be restarted after the above change has been made to SSH. This can be done by running the following command:

# service sshd restart

Check Contents

Check that the SSH daemon is configured for logon warning banners:

# grep -i banner /etc/ssh/sshd_config | grep -v '#'

The output should contain "Banner /etc/issue".

If the output does not contain "Banner /etc/issue", this is a finding.

Vulnerability Number

V-88363

Documentable

False

Rule Version

VROM-SL-000030

Severity Override Guidance

Check that the SSH daemon is configured for logon warning banners:

# grep -i banner /etc/ssh/sshd_config | grep -v '#'

The output should contain "Banner /etc/issue".

If the output does not contain "Banner /etc/issue", this is a finding.

Check Content Reference

M

Target Key

3461

Comments