Information
The file /etc/ssh/sshd_config and files ending inconf in the /etc/ssh/sshd_config.d directory, contain configuration specifications for sshd
configuration specifications for sshd need to be protected from unauthorized changes by non-privileged users.
Solution
Run the following script to set ownership and permissions on /etc/ssh/sshd_config and files ending inconf in the /etc/ssh/sshd_config.d directory:
#!/usr/bin/env bash
{
   chmod u-x,og-rwx /etc/ssh/sshd_config
   chown root:root /etc/ssh/sshd_config
   while IFS= read -r -d $'0' l_file; do
      if [ -e "$l_file" ]; then
         chmod u-x,og-rwx "$l_file"
         chown root:root "$l_file"
      fi
   done < <(find /etc/ssh/sshd_config.d -type f -print0 2>/dev/null)
}
- IF - other locations are listed in an Include statement, *.conf files in these locations access should also be modified.