Check: AIX7-00-002102
IBM AIX 7.x STIG:
AIX7-00-002102
(in versions v3 r1 through v1 r1)
Title
On AIX, the SSH server must not permit root logins using remote access programs. (Cat II impact)
Discussion
Permitting direct root login reduces auditable information about who ran privileged commands on the system and also allows direct attack attempts on root's password.
Check Content
Determine if the SSH daemon is configured to disable root logins: # grep -iE "PermitRootLogin[[:blank:]]*no" /etc/ssh/sshd_config | grep -v \# If the above command displays a line, the root login is disabled. If the root login is not disabled, this is a finding.
Fix Text
Edit the "/etc/ssh/sshd_config" file to have the following line and save the change: PermitRootLogin no Restart SSH daemon: # stopsrc -s sshd # startsrc -s sshd
Additional Identifiers
Rule ID: SV-215287r991589_rule
Vulnerability ID: V-215287
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |