← Back to SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide

V-261293

CAT II (Medium)

SLEM 5 SSH daemon public host key files must have mode 644 or less permissive.

Rule ID

SV-261293r996357_rule

STIG

SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide

Version

V1R4

CCIs

CCI-000366

Discussion

If a public host key file is modified by an unauthorized user, the SSH service may be compromised.

Check Content

Verify SLEM 5 SSH daemon public host key files have mode "644" or less permissive with the following command:

Note: SSH public key files may be found in other directories on the system depending on the installation.

     > find /etc/ssh -name 'ssh_host*key.pub' -exec stat -c "%a %n" {} \;
     644 /etc/ssh/ssh_host_rsa_key.pub
     644 /etc/ssh/ssh_host_dsa_key.pub
     644 /etc/ssh/ssh_host_ecdsa_key.pub
     644 /etc/ssh/ssh_host_ed25519_key.pub

If any file has a mode more permissive than "644", this is a finding.

Fix Text

Configure SLEM 5 SSH daemon public host key files have mode "644" or less permissive.

Note: SSH public key files may be found in other directories on the system depending on the installation.

Change the mode of public host key files under "/etc/ssh" to "644" with the following command:

     > sudo chmod 644 /etc/ssh/ssh_host*key.pub