View the security misconfiguration catalog
  • Misconfiguration Name
  • Access rights to SSH configuration file is not limited to default root account
  • Description
  • SSH (Secure Shell) protocol allows you to connect to a remote Linux system securely using a variety of SSH clients. Access rights for SSH configuration file (/etc/ssh/sshd_config) is not configured appropriately. Fixing this misconfiguration will limit the access rights of SSH configuration file only to default root account.
  • Severity
  • critical
  • Category
  • Linux Secure Shell
  • Resolution
  • Follow the below steps to resolve the misconfiguration. Run the following commands to set ownership and permissions on /etc/ssh/sshd_config :
    chown root:root /etc/ssh/sshd_config
    chmod og-rwx /etc/ssh/sshd_config
  • Potential issues that may arise after applying the resolution
  • Altering the existing security setting may create the following impact in your network operations.
  • Does remediation require reboot?
  • No