Detections
Analytics
RHEL-10-700590 - RHEL 10 must be configured so that Secure Shell (SSH) server configuration files' permissions are not modified.
Information
Service configuration files enable or disable features of their respective services, which if configured incorrectly can lead to insecure and vulnerable configurations. Therefore, service configuration files must be owned by the correct group to prevent unauthorized changes.OpenSSH uses the first occurrence of a keyword it sees, and drop-in files are read in lexicographical order at the start of the configuration. Red Hat recommends using drop-in files rather than changing base configuration files.
Solution
Configure RHEL 10 so that SSH server configuration files' permissions are not modified.Run the following commands to restore the correct permissions of OpenSSH server configuration files:
$ sudo rpm --setugids openssh-server
$ sudo rpm --setperms openssh-server
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_10_V1R1_STIG.zip
Item Details
Audit Name: DISA Red Hat Enterprise Linux 10 STIG v1r1
Category: ACCESS CONTROL
References: 800-53|AC-3, CAT|II, CCI|CCI-000213, Rule-ID|SV-281262r1184762_rule, STIG-ID|RHEL-10-700590, Vuln-ID|V-281262
Plugin: Unix
Control ID: 610409b1c3519a2e7054337cc2f86163e5f3c5816da269c39ef96a658b611009