ESXI-06-000016 – The SSH daemon must not permit user environment settings.

Details

SSH environment options potentially allow users to bypass access restriction in some configurations.

Solution

To ensure users are not able to present environment options to the SSH daemon, add or correct the following line in ‘/etc/ssh/sshd_config’:

PermitUserEnvironment no

Supportive Information

The following resource is also helpful.

http://iasecontent.disa.mil/stigs/zip/U_VMware_vSphere_6-0_ESXi_V1R5_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

800-53|CM-6b.
CAT|II
CCI|CCI-000366
CSCv6|3.1
Group-ID|V-63201
Rule-ID|SV-77691r1_rule
STIG-ID|ESXI-06-000016
Vuln-ID|V-63201

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles