An error occurred:

Check: OSX00165 M6

MACOSX 10.6: OSX00165 M6 (in version v1 r3)

Title

Prevent root login must be securely configured in /etc/sshd_config. (Cat II impact)

Discussion

Prevents logging in as root through SSH. This should be set for all SSH methods of authenticating.

Check Content

Open a terminal session and enter the following command. more /etc/sshd_config Ensure the value "PermitRootLogin" is set to "No". If the value "PermitRootLogin" is not set to "No", this is a finding. NOTE: If the line starts with a # sign this is a comment and the command to disable root login would be invalid regardless of the value, this is a finding.

Fix Text

Open a terminal session and enter the following command. sudo pico /etc/sshd_config Edit the value "PermitRootLogin" and set it to "No". Save the file.

Additional Identifiers

Rule ID: SV-38525r1_rule

Vulnerability ID: V-25273

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
No CCIs are assigned to this check

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check