ESXI-06-000014 - The SSH daemon must not permit root logins.

Gavin M. Dennis

22 April 2022 15:15

Details

Permitting direct root login reduces auditable information about who ran privileged commands on the system and also allows direct attack attempts on root's password.

Solution

The root user should never be allowed to log in to a system directly over a network.

Add or correct the following line in '/etc/ssh/sshd_config':

PermitRootLogin no

Supportive Information

The following resource is also helpful.

http://iasecontent.disa.mil/stigs/zip/U_VMware_vSphere_6-0_ESXi_V1R5_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

800-53|CM-6b.
CAT|III
CCI|CCI-000366
Group-ID|V-63197
Rule-ID|SV-77687r1_rule
STIG-ID|ESXI-06-000014
Vuln-ID|V-63197

Source

Tenable.com/audits

PS. Before you go.

Request a quote to protect your organisation from cyber attacks and breaches.

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section