Ensure ‘SSH session timeout’ is less than or equal to ‘5’ minutes

Details

Sets the idle timeout for an SSH session before the security appliance terminates it.

Rationale:

Limiting session timeout prevents unauthorized users from using abandoned sessions to perform malicious activities.

Solution

Step 1: Run the following to set the SSH timeout to 5 minutes

hostname(config)# ssh timeout 5

Default Value:

The default session timeout value is 5 minutes.

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/3246

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Cisco.

References

800-53|CM-2
CSCv6|16.4
CSCv7|11.1

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles