STIG sshd configuration updates are required

Description

These need to both be verified in the module and added to compliance_markup

  • PermitUserEnvironment no

  • HostbasedAuthentication no

  • RhostsRSAAuthentication no

  • ClientAliveCountMax 0

  • IgnoreRhosts yes

  • IgnoreUserKnownHosts yes

  • MACs hmac-sha2-256,hmac-sha2-512

    • Compliance markup only

  • StrictModes yes

  • UsePrivilegeSeparation sandbox

    • EL7 only needs to be fixed in markup and validated in module

  • Compression no

  • KerberosAuthentication no

Acceptance Criteria

None

Activity

Show:
Jeanne Greulich
May 14, 2018, 6:54 PM

inspect updates

Jeanne Greulich
May 14, 2018, 9:18 PM

updated compliance profile

Trevor Vaughan
August 31, 2018, 4:18 PM

Accidentally moved into Testing by PRs

Labels

None

Epic Link

Story Points

6

Sprint

None

Affects versions

Priority

Medium
Configure