Check: ESXI-65-000009
VMware vSphere 6.5 ESXi STIG: ESXI-65-000009 (in versions v2 r4 through v1 r1)
Title
The ESXi host SSH daemon must be configured with the Department of Defense (DoD) login banner. (Cat II impact)
Discussion
The warning message reinforces policy awareness during the logon process and facilitates possible legal action against attackers. Alternatively, systems whose ownership should not be obvious should ensure usage of a banner that does not provide easy attribution.
Check Content
From an SSH session connected to the ESXi host, or from the ESXi shell, run the following command:

    # grep -i "^Banner" /etc/ssh/sshd_config

If there is no output or the output is not exactly "Banner /etc/issue", this is a finding.
Fix Text
From an SSH session connected to the ESXi host, or from the ESXi shell, add or correct the following line in "/etc/ssh/sshd_config":

    Banner /etc/issue
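The check above, written as an audit function that applies the "exactly" comparison the plain grep leaves to the reader (an added example, not part of the STIG or of VMware's tooling). `check_banner` is a hypothetical helper name, and the config path is taken as an argument so the function can also be run against constructed sample files.

```shell
#!/bin/sh
# Added example: audit for ESXI-65-000009. Not DISA or VMware code.
# check_banner is a hypothetical name; with no argument it audits
# /etc/ssh/sshd_config, the file named in the check text.

check_banner() {
    cfg="${1:-/etc/ssh/sshd_config}"
    expected="Banner /etc/issue"

    if [ ! -r "$cfg" ]; then
        echo "FINDING: cannot read $cfg"
        return 1
    fi

    # Same match as the check text: lines that start with "Banner", any case.
    # Commented-out lines ("#Banner ...") do not match and so do not count.
    # "|| true" keeps a no-match grep from aborting callers that use set -e.
    out=$(grep -i "^Banner" "$cfg" || true)

    if [ -z "$out" ]; then
        echo "FINDING: no Banner directive in $cfg"
        return 1
    fi

    # More than one matching line can never equal the single expected line.
    count=$(printf '%s\n' "$out" | wc -l)
    if [ "$count" -gt 1 ]; then
        echo "FINDING: $count Banner lines in $cfg (expected exactly one)"
        return 1
    fi

    # sshd treats keywords case-insensitively, but the check text requires
    # the output to be exactly "Banner /etc/issue", so compare byte for byte.
    if [ "$out" != "$expected" ]; then
        echo "FINDING: got '$out', expected '$expected'"
        return 1
    fi

    echo "PASS: $cfg contains '$expected'"
    return 0
}
```

The function returns 0 when the host is compliant and 1 on a finding, printing the reason, so it can be dropped into a larger compliance script.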
Additional Identifiers
Rule ID: SV-207610r378520_rule
Vulnerability ID: V-207610
Group Title: SRG-OS-000023-VMM-000060
CCIs
Number | Definition |
---|---|
CCI-000048 | The information system displays an organization-defined system use notification message or banner before granting access to the system that provides privacy and security notices consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance. |
Controls
Number | Title |
---|---|
AC-8 | System Use Notification |