Guide to the Secure Configuration of Red Hat Enterprise Linux 9
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Distribute the SSH Server configuration to multiple files in a config directory.
Make sure to have the <code>Include /etc/ssh/sshd_config.d/*.conf</code> line in the <code>/etc/ssh/sshd_config</code> file. Ideally, don't have an...Rule Medium Severity -
Enable Use of Privilege Separation
When enabled, SSH will create an unprivileged child process that has the privilege of the authenticated user. To enable privilege separation in SSH...Rule Medium Severity -
SSH server uses strong entropy to seed
To set up SSH server to use entropy from a high-quality source, edit the <code>/etc/sysconfig/sshd</code> file. The <code>SSH_USE_STRONG_RNG</code>...Rule Low Severity -
Reboot Required
A system reboot is implicitly required after some actions in order to complete the reconfiguration of the system. In many cases, the changes will n...Group -
Prevent remote hosts from connecting to the proxy display
The SSH daemon should prevent remote hosts from connecting to the proxy display. <br> The default SSH configuration for <code>X11UseLocalhost</code...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules