Check: ESXI-65-000028
VMware vSphere 6.5 ESXi STIG: ESXI-65-000028 (in versions v2 r4 through v1 r1)
Title
The ESXi host SSH daemon must limit connections to a single session. (Cat II impact)
Discussion
The SSH protocol has the ability to provide multiple sessions over a single connection without reauthentication. A compromised client could use this feature to establish additional sessions to a system without consent or knowledge of the user.
Check Content
From an SSH session connected to the ESXi host, or from the ESXi shell, run the following command:

    # grep -i "^MaxSessions" /etc/ssh/sshd_config

If there is no output or the output is not exactly "MaxSessions 1", this is a finding.
Fix Text
From an SSH session connected to the ESXi host, or from the ESXi shell, add or correct the following line in "/etc/ssh/sshd_config":

    MaxSessions 1
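The check and fix above as POSIX shell functions (an added example, not part of the STIG text). The function names and the optional file-path argument are assumptions, and the check is applied literally, so any case or spacing variant of the line is reported as a finding. Writing the directive as the first line of the file is a choice made here so it cannot end up inside a Match block.

```shell
#!/bin/sh
# Added example: audit and remediate ESXI-65-000028 for one sshd_config file.
# The FILE argument is an assumption for testing; the default is the STIG path.

# check_maxsessions [FILE]: prints PASS or FINDING with a reason; returns 0 or 1.
check_maxsessions() {
    cfg="${1:-/etc/ssh/sshd_config}"
    if [ ! -r "$cfg" ]; then
        echo "FINDING: cannot read $cfg"
        return 1
    fi
    # Same match the STIG check command uses.
    out=$(grep -i "^MaxSessions" "$cfg")
    if [ -z "$out" ]; then
        # No output: report whether the directive exists only as a comment.
        if grep -qi "^[[:space:]]*#[[:space:]]*MaxSessions" "$cfg"; then
            echo "FINDING: MaxSessions is only present as a comment"
        else
            echo "FINDING: MaxSessions is not set"
        fi
        return 1
    fi
    if [ "$out" = "MaxSessions 1" ]; then
        echo "PASS: MaxSessions 1"
        return 0
    fi
    count=$(grep -ci "^MaxSessions" "$cfg")
    if [ "$count" -gt 1 ]; then
        echo "FINDING: $count MaxSessions lines, expected exactly one"
    else
        echo "FINDING: expected 'MaxSessions 1', found '$out'"
    fi
    return 1
}

# fix_maxsessions [FILE]: drop every MaxSessions line, then add the required one.
fix_maxsessions() {
    cfg="${1:-/etc/ssh/sshd_config}"
    [ -w "$cfg" ] || return 1
    tmp=$(mktemp) || return 1
    {
        echo "MaxSessions 1"
        # grep -v exits 1 when nothing else is left in the file; that is fine.
        grep -vi "^MaxSessions" "$cfg" || true
    } > "$tmp"
    # Overwrite in place so the original file keeps its owner and mode.
    cat "$tmp" > "$cfg"
    rm -f "$tmp"
}
# Usage: check_maxsessions || fix_maxsessions
```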
Additional Identifiers
Rule ID: SV-207629r388482_rule
Vulnerability ID: V-207629
Group Title: SRG-OS-000480-VMM-002000
CCIs
Number | Definition |
---|---|
CCI-000366 | The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 | Configuration Settings |