Configuring SSH – banner configuration – ssh_banner
Details The recommendation is to edit the /etc/ssh/sshd_config file and configure a path to a login herald message. The login...
- Home
- Security Hardening
- CIS IBM AIX 7.1 L1 V1.1.0
CIS IBM AIX 7.1 L1 V1.1.0
Configuring SSH – banner configuration – sshd_config
Details The recommendation is to edit the /etc/ssh/sshd_config file and configure a path to a login herald message. The login...Configuring SSH – client protocol 2
Details The recommendation is to edit the /etc/ssh/ssh_config file and allow the SSH2 protocol only. By default the SSH1 protocol...Configuring SSH – disable null passwords
Details The recommendation is to edit the /etc/ssh/sshd_config file to ensure that the SSH daemon does not authenticate users with...Configuring SSH – disabling direct root access
Details The recommendation is to edit the /etc/ssh/sshd_config file to disable direct root login. By default direct root login via...Configuring SSH – server protocol 2
Details The recommendation is to edit the /etc/ssh/sshd_config file and allow the SSH2 protocol only. By default the SSH1 protocol...Configuring SSH – set LogLevel to INFO
Details The INFO parameter specifices that record login and logout activity will be logged. SSH provides several logging levels with...Configuring SSH – set MaxAuthTries to 4 or Less
Details The MaxAuthTries parameter specifies the maximum number of authentication attempts permitted per connection. When the login failure count reaches...Configuring SSH – set privilege separation
Details The recommendation is to edit the /etc/ssh/sshd_config file to ensure that privilege separation is enabled. Setting privilege separation helps.../etc/inetd.conf – chargen
Details This entry starts the chargen service when required. This service is used to test the integrity of TCP/IP packets...