The recommendation is to edit the /etc/ssh/sshd_config file to ensure that host-based authentication is disallowed. Rationale: Using host-based authentication, any user on a trusted host can log into another host on which this feature is enabled. Since this feature depends only on system authentication and not on user authentication, it must be disabled.
Solution
Edit the /etc/ssh/sshd_config file to ensure that host based authentication is disallowed: vi /etc/ssh/sshd_config Replace: #HostbasedAuthentication no With: HostbasedAuthentication no Re-cycle the sshd daemon to pick up the configuration changes: stopsrc -s sshd startsrc -s sshd Default Value: HostbasedAuthentication no Additional Information: Reversion: Revert to the default setting for the HostBasedAuthentication parameter: vi /etc/ssh/sshd_config Replace: HostbasedAuthentication no With: # HostbasedAuthentication no Re-cycle the sshd daemon to pick up the configuration changes: stopsrc -s sshd startsrc -s sshd