STIGQter STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The SLES for vRealize must implement cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications, when used for nonlocal maintenance sessions.

DISA Rule

SV-99341r1_rule

Vulnerability Number

V-88691

Group Title

SRG-OS-000394-GPOS-00174

Rule Version

VROM-SL-001230

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Edit the SSH daemon configuration and remove any MACs other than "hmac-sha1". If necessary, add a "MACs" line.

# sed -i "/^[^#]*MACs/ c\MACs hmac-sha1" /etc/ssh/sshd_config

Check Contents

Check the SSH daemon configuration for allowed MACs:

# grep -i macs /etc/ssh/sshd_config | grep -v '^#'

If no lines are returned, or the returned MACs list contains any MAC other than "hmac-sha1", this is a finding.

Vulnerability Number

V-88691

Documentable

False

Rule Version

VROM-SL-001230

Severity Override Guidance

Check the SSH daemon configuration for allowed MACs:

# grep -i macs /etc/ssh/sshd_config | grep -v '^#'

If no lines are returned, or the returned MACs list contains any MAC other than "hmac-sha1", this is a finding.

Check Content Reference

M

Target Key

3461

Comments