Title

AIX must turn off X11 forwarding for the SSH daemon. (Cat II impact)

Discussion

X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection and should not be enabled unless needed.

Check Content

If X11 forwarding has been authorized for use, this is Not Applicable. Check the SSH daemon configuration for the "X11Forwarding" directive using command: # grep -i X11Forwarding /etc/ssh/sshd_config | grep -v '^#' X11Forwarding no If the setting is not present or the setting is "yes", this is a finding.

Fix Text

Edit the "/etc/sshd/sshd_config" file to add the following line and save the change: X11Forwarding no Restart the SSH daemon: # stopsrc -s sshd # startsrc -s sshd

Additional Identifiers

Rule ID: SV-215300r508663_rule

Vulnerability ID: V-215300

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.