An error occurred:

Check: RHEL-06-000237

Red Hat Enterprise Linux 6 STIG: RHEL-06-000237 (in versions v2 r2 through v1 r14)

Title

The system must not permit root logins using remote access programs such as ssh. (Cat II impact)

Discussion

Permitting direct root login reduces auditable information about who ran privileged commands on the system and also allows direct attack attempts on root's password.

Check Content

To determine how the SSH daemon's "PermitRootLogin" option is set, run the following command: # grep -i PermitRootLogin /etc/ssh/sshd_config If a line indicating "no" is returned, then the required value is set. If the required value is not set, this is a finding.

Fix Text

The root user should never be allowed to log in to a system directly over a network. To disable root login via SSH, add or correct the following line in "/etc/ssh/sshd_config": PermitRootLogin no

Additional Identifiers

Rule ID: SV-218000r603264_rule

Vulnerability ID: V-218000

Group Title: SRG-OS-000109

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000770

The organization requires individuals to be authenticated with an individual authenticator when a group authenticator is employed.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
IA-2 (5)

Group Authentication