RHEL 9 must not permit direct logons to the root account using remote access via SSH.

An XCCDF Rule

Description

<VulnDiscussion>Even though the communications channel may be encrypted, an additional layer of security is gained by extending the policy of not logging directly on as root. In addition, logging in with a user-specific account provides individual accountability of actions performed on the system and also helps to minimize direct attack attempts on root's password. Satisfies: SRG-OS-000109-GPOS-00056, SRG-OS-000480-GPOS-00227</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-257985r943036_rule
Severity: Medium
References: CCI-000366 CCI-000770
Updated: 8 months ago

To configure the system to prevent SSH users from logging on directly as root add or modify the following line in "/etc/ssh/sshd_config".

 PermitRootLogin no

Restart the SSH daemon for the settings to take effect:
$ sudo systemctl restart sshd.service

RHEL 9 must not permit direct logons to the root account using remote access via SSH.

Description

Remediation - Manual Procedure