The ESXi host SSH daemon must be configured with the Department of Defense (DoD) login banner. (Cat II impact)
The warning message reinforces policy awareness during the logon process and facilitates possible legal action against attackers. Alternatively, systems whose ownership should not be obvious should ensure usage of a banner that does not provide easy attribution.
From an SSH session connected to the ESXi host, or from the ESXi shell, run the following command: # grep -i "^Banner" /etc/ssh/sshd_config If there is no output or the output is not exactly "Banner /etc/issue", this is a finding.
From an SSH session connected to the ESXi host, or from the ESXi shell, add or correct the following line in "/etc/ssh/sshd_config": Banner /etc/issue
The information system displays an organization-defined system use notification message or banner before granting access to the system that provides privacy and security notices consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
System Use Notification