Guide to the Secure Configuration of Red Hat Enterprise Linux 8
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SSH client uses strong entropy to seed (Bash-like shells)
To set up SSH client to use entropy from a high-quality source, make sure that the appropriate shell environment variable is configured. The <code>...Rule Medium Severity -
Verify the SSH Private Key Files Have a Passcode
When creating SSH key pairs, always use a passcode. <br> You can create such keys with the following command: <pre>$ sudo ssh-keygen -n [passphrase...Rule Medium Severity -
Configure OpenSSH Server if Necessary
If the system needs to act as an SSH server, then certain changes should be made to the OpenSSH daemon configuration file <code>/etc/ssh/sshd_confi...Group -
SSH RekeyLimit - size
Specify the size component of the rekey limit.Value -
SSH RekeyLimit - size
Specify the size component of the rekey limit.Value -
SSH Compression Setting
Specify the compression setting for SSH connections.Value -
SSH Privilege Separation Setting
Specify whether and how sshd separates privileges when handling incoming network connections.Value -
SSH LoginGraceTime setting
Configure parameters for how long the servers stays connected before the user has successfully logged inValue -
SSH MaxStartups setting
Configure parameters for maximum concurrent unauthenticated connections to the SSH daemon.Value -
Set SSH Client Alive Count Max to zero
The SSH server sends at most <code>ClientAliveCountMax</code> messages during a SSH session and waits for a response from the SSH client. The optio...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules