
content_rule_sshd_set_keepalive has the wrong value, zero disables the termination

Open JohnHouwer opened this issue 4 years ago • 1 comments

Description of problem:

content_rule_sshd_set_keepalive has the wrong value, zero disables the termination

Setting a zero ClientAliveCountMax disables connection termination. "man sshd_config"

SCAP Security Guide Version:

Master

Operating System Version:

Ubuntu 20.04 (any)

Additional Information/Debugging Steps:

Quoting from CIS Benchmark Ubuntu Linux 20.04 v1.0.0: "Remediation: Edit the /etc/ssh/sshd_config file to set the parameters according to site policy. This should include ClientAliveInterval between 1 and 300 and ClientAliveCountMax of 3 or less" and "Run the following command and verify ClientAliveCountMax is between 1 and 3:"

A little confusing, but we do not want a value of zero for ClientAliveCountMax.

JohnHouwer, Jan 10 '21 21:01
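
The range check quoted from the CIS benchmark in the issue above, written out as an added Python example; it is not part of the thread and is not the SCAP Security Guide's own check. It assumes integer-second values, does not follow `Include` files, audits only the global section before the first `Match` block, and uses constructed sample configurations.

```python
import re

# Ranges quoted in the issue from CIS Ubuntu Linux 20.04 v1.0.0.
LIMITS = {"clientaliveinterval": (1, 300), "clientalivecountmax": (1, 3)}
# sshd_config(5) defaults, applied when a keyword is absent.
DEFAULTS = {"clientaliveinterval": "0", "clientalivecountmax": "3"}

# Constructed sample inputs, not taken from a real host.
ZERO_COUNT = "ClientAliveInterval 300\nClientAliveCountMax 0\n"
FIRST_WINS = "clientaliveinterval=300\nClientAliveCountMax 3\nClientAliveCountMax 0\n"
MATCH_ONLY = "ClientAliveInterval 300\nMatch User backup\n  ClientAliveCountMax 0\n"


def effective_settings(config_text):
    """Return the global value sshd would use for each keyword in LIMITS."""
    found = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or a single '='.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        keyword = parts[0].lower()  # keywords are case-insensitive
        if keyword == "match":
            break  # assumption: only the global section is audited
        args = parts[1].split() if len(parts) == 2 else []
        # The first value obtained for a keyword wins; later lines are ignored.
        if keyword in LIMITS and args and keyword not in found:
            found[keyword] = args[0]
    return {k: found.get(k, DEFAULTS[k]) for k in LIMITS}


def audit(config_text):
    """Return findings; an empty list means both values are in the quoted ranges."""
    findings = []
    for keyword, value in effective_settings(config_text).items():
        low, high = LIMITS[keyword]
        if not value.isdigit():
            findings.append(f"{keyword}: cannot evaluate {value!r}")
        elif not low <= int(value) <= high:
            findings.append(f"{keyword}={value} outside {low}-{high}")
    return findings


if __name__ == "__main__":
    for name, text in [("zero", ZERO_COUNT), ("first", FIRST_WINS), ("match", MATCH_ONLY)]:
        print(name, audit(text) or "in range")
```

An empty configuration is reported as well, because the default `ClientAliveInterval` of 0 falls outside the quoted 1 to 300 range.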

Note that Ubuntu 18.04 v2.0.1 allows (and explicitly shows in the example) a value of 0; this is a change in 20.04 v1.0.0 guidance.

I don't think 20.04 CIS benchmark is complete. But, it is WIP and being addressed in #6416.

cipherboy, Mar 19 '21 13:03

I believe this was fixed in d191108. Let us know if you still see issues with this rule.

dodys, Feb 28 '23 11:02