The Red Hat Enterprise Linux operating system must not allow users to override SSH environment variables.
An XCCDF Rule
Description
Failure to restrict system access to authenticated users negatively impacts operating system security.
- ID
- SV-204434r877377_rule
- Version
- RHEL-07-010460
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure the operating system to not allow users to override environment variables to the SSH daemon.
Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for "PermitUserEnvironment" keyword and set the value to "no":
PermitUserEnvironment no
The SSH service must be restarted for changes to take effect.