Big Sur - Disable SSH Server for Remote Access Sessions

Information

SSH service _MUST_ be disabled for remote access.

Remote access sessions _MUST_ use FIPS validated encrypted methods to protect unauthorized individuals from gaining access.

Solution

[source,bash]
----
/bin/launchctl disable system/com.openssh.sshd
----

See Also

https://github.com/usnistgov/macos_security

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

References: 800-53|AC-3, 800-53|AC-17, 800-53|CM-7, 800-53|CM-7(1), 800-53|IA-2(8), CCE|CCE-85447-1, STIG-ID|APPL-11-000011

Plugin: Unix

Control ID: f428262c01ebcfa75124b3da76c4ecce114871aca58027fd37ac3a79f581c385