Check: SOL-11.1-050460
Solaris 11 X86 STIG: SOL-11.1-050460 (in versions v3 r2 through v3 r1)
Title
The operating system must terminate all sessions and network connections when nonlocal maintenance is completed. (Cat II impact)
Discussion
Nonlocal maintenance and diagnostic activities are those activities conducted by individuals communicating through a network, either an external network (e.g., the internet) or an internal network. The operating system needs to ensure all sessions and network connections are terminated when nonlocal maintenance is completed.
Check Content
Determine if SSH is configured to disconnect sessions after 10 minutes of inactivity.

# grep ClientAlive /etc/ssh/sshd_config

If the output of this command is not as shown below, this is a finding.

ClientAliveInterval 600
ClientAliveCountMax 0
Fix Text
The root role is required.

Configure the system to disconnect SSH sessions after 10 minutes of inactivity.

# pfedit /etc/ssh/sshd_config

Insert the two lines:

ClientAliveInterval 600
ClientAliveCountMax 0

Restart the SSH service with the new configuration.

# svcadm restart svc:/network/ssh
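A scripted form of the check above, as an added example that is not part of the STIG text: it ignores commented-out lines, matches keywords case-insensitively, and reports a finding if either setting is missing or any live line sets a different value. The function name `check_client_alive`, the `AWK` override variable and the sample file contents are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the STIG): audit an sshd_config for the values
# SOL-11.1-050460 requires. Returns 0 when compliant, 1 on a finding.
# Needs a POSIX awk; set AWK (e.g. AWK=nawk) if the default awk is a legacy one.
check_client_alive() {
    cfg=$1
    [ -r "$cfg" ] || { echo "finding: cannot read $cfg"; return 1; }
    "${AWK:-awk}" '
        BEGIN { want["clientaliveinterval"] = "600"; want["clientalivecountmax"] = "0" }
        { sub(/^[ \t]+/, "") }          # drop leading whitespace
        /^#/ || /^$/ { next }           # comments and blank lines set nothing
        {
            split($0, f, /[ \t=]+/)     # accepts "Key Value" and "Key=Value"
            key = tolower(f[1])         # keywords are case-insensitive
            if (!(key in want)) next
            seen[key]++
            if (f[2] != want[key]) {
                printf "finding: line %d sets %s to \"%s\", expected %s\n", NR, f[1], f[2], want[key]
                bad = 1
            }
        }
        END {
            for (k in want) if (!seen[k]) { printf "finding: %s is not set\n", k; bad = 1 }
            if (!bad) print "not a finding"
            exit bad + 0
        }
    ' "$cfg"
}

# Constructed sample input: the required values exist only as comments and the
# live setting uses a lower-case keyword, which a case-sensitive
# "grep ClientAlive" would not print at all.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#ClientAliveInterval 600
#ClientAliveCountMax 0
clientaliveinterval 900
EOF
check_client_alive "$sample" || echo "result: finding"
rm -f "$sample"
```

On a live system the function would be pointed at `/etc/ssh/sshd_config`, the file named in the check.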
Additional Identifiers
Rule ID: SV-216162r986457_rule
Vulnerability ID: V-216162
Group Title: SRG-OS-000126
CCIs
Number | Definition |
---|---|
CCI-001133 | Terminate the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity. |
Controls
Number | Title |
---|---|
SC-10 | Network Disconnect |