STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide

V-269262

CAT II (Medium)

The AlmaLinux OS 9 SSH server configuration file must be owned by root.

Rule ID

SV-269262r1050144_rule

STIG

Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide

Version

V1R6

CCIs

CCI-000366

Discussion

Service configuration files enable or disable features of their respective services, which, if configured incorrectly, can lead to insecure and vulnerable configurations. Therefore, service configuration files must be owned by the correct group to prevent unauthorized changes.

Check Content

Verify the ownership of "/etc/ssh/sshd_config" and any "/etc/ssh/sshd_config.d/*.conf" files with the following command:

$ find /etc/ssh/sshd_config /etc/ssh/sshd_config.d -exec stat -c "%U %n" {} \;

root /etc/ssh/sshd_config
root /etc/ssh/sshd_config.d
root /etc/ssh/sshd_config.d/40-stig.conf
root /etc/ssh/sshd_config.d/50-redhat.conf
root /etc/ssh/sshd_config.d/clientalive.conf

If any of the files do not have an owner of "root", this is a finding.

Fix Text

Configure the SSHD config files to be owned by root with the following command:

$ chown root /etc/ssh/sshd_config /etc/ssh/sshd_config.d/*.conf