Check: RHEL-06-000240
Red Hat Enterprise Linux 6 STIG:
RHEL-06-000240
(in versions v2 r2 through v1 r14)
Title
The SSH daemon must be configured with the Department of Defense (DoD) login banner. (Cat II impact)
Discussion
The warning message reinforces policy awareness during the logon process and facilitates possible legal action against attackers. Alternatively, systems whose ownership should not be obvious should ensure usage of a banner that does not provide easy attribution.
Check Content
To determine how the SSH daemon's "Banner" option is set, run the following command:

    # grep -i Banner /etc/ssh/sshd_config

If a line indicating /etc/issue is returned, then the required value is set. If the required value is not set, this is a finding.
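A stricter form of the check above, added here as an example and not part of the STIG text: a plain grep also matches commented-out lines and values such as /etc/issue.net, so this script reports only the Banner value sshd would actually use. The function names `effective_banner` and `check_banner` are hypothetical. The script assumes sshd_config's documented first-value-wins rule and inspects only the global section before any Match block.

```shell
#!/bin/sh
# Added example (not from the STIG): audit the effective global Banner setting.

# effective_banner FILE
# Prints the value of the first active Banner directive found before any
# Match block; prints nothing when no such directive exists.
effective_banner() {
    awk '
        # A commented-out "#Banner /etc/issue" matches a plain grep but has
        # no effect on sshd, so comments and blank lines are skipped.
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            # Keyword and argument are separated by whitespace or "=".
            n = match(line, /[ \t=]/)
            if (n == 0) next
            key = tolower(substr(line, 1, n - 1))   # keywords are case-insensitive
            val = substr(line, n)
            sub(/^[ \t]*=?[ \t]*/, "", val)
            sub(/[ \t]+$/, "", val)
            gsub(/^"|"$/, "", val)                  # drop surrounding quotes
            if (key == "match") exit                # global section ends here
            if (key == "banner") { print val; exit }  # first value wins
        }
    ' "$1"
}

# check_banner FILE
# Returns 0 when the effective Banner is exactly /etc/issue, 1 otherwise (finding).
check_banner() {
    [ "$(effective_banner "$1")" = "/etc/issue" ]
}

# Constructed sample (not from a real host): both lines satisfy the grep in
# the check text, yet the effective value is /etc/issue.net.
sample=$(mktemp)
printf '%s\n' '#Banner /etc/issue' 'Banner /etc/issue.net' > "$sample"
if check_banner "$sample"; then
    echo "compliant"
else
    echo "finding: effective Banner is '$(effective_banner "$sample")'"
fi
rm -f "$sample"
```

On a live system, pass /etc/ssh/sshd_config as the argument to `check_banner`.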
Fix Text
To enable the warning banner and ensure it is consistent across the system, add or correct the following line in "/etc/ssh/sshd_config":

    Banner /etc/issue

Another section contains information on how to create an appropriate system-wide warning banner.
Additional Identifiers
Rule ID: SV-218002r603264_rule
Vulnerability ID: V-218002
Group Title: SRG-OS-000023
CCIs
Number | Definition |
---|---|
CCI-000048 | The information system displays an organization-defined system use notification message or banner before granting access to the system that provides privacy and security notices consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. |
Controls
Number | Title |
---|---|
AC-8 | System Use Notification |