← Back to VMware vSphere 7.0 ESXi Security Technical Implementation Guide

V-256432

CAT II (Medium)

The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.

Rule ID

SV-256432r959010_rule

STIG

VMware vSphere 7.0 ESXi Security Technical Implementation Guide

Version

V1R4

CCIs

CCI-000366

Discussion

Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate.

Check Content

From the vSphere Client, go to Hosts and Clusters.

Select the ESXi Host >> Configure >> System >> Advanced System Settings.

Select the "UserVars.SuppressShellWarning" value and verify it is set to "0".

or

From a PowerCLI command prompt while connected to the ESXi host, run the following command:

Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning

If the "UserVars.SuppressShellWarning" setting is not set to "0" or the setting does not exist, this is a finding.

Fix Text

From the vSphere Client, go to Hosts and Clusters.

Select the ESXi Host >> Configure >> System >> Advanced System Settings.

Click "Edit". Select the "UserVars.SuppressShellWarning" value and set it to "0".

or

From a PowerCLI command prompt while connected to the ESXi host, run the following command:

Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value "0"