If AIX SSH daemon is required, the SSH daemon must only listen on the approved listening IP addresses.
An XCCDF Rule
Description
The SSH daemon should only listen on the approved listening IP addresses. Otherwise the SSH service could be subject to unauthorized access.
- ID: SV-215306r991593_rule
- Version: AIX7-00-002124
- Severity: Medium
Remediation Templates
A Manual Procedure
Edit the SSH daemon config file and add/modify the "ListenAddress" network addresses:
# vi /etc/ssh/sshd_config
Restart SSH daemon:
# stopsrc -s sshd
# startsrc -s sshd
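An added example, not part of the STIG text: a POSIX sh function that checks the ListenAddress entries in an sshd_config file against an approved list once the edit above is made. The function name check_listen_addresses, the finding strings, and the 192.0.2.10 / 2001:db8::10 addresses are assumptions made for illustration; Include directives are not followed.

```sh
#!/bin/sh
# Added example (not from the STIG): audit ListenAddress entries in an
# sshd_config file against an approved list.
# Usage: check_listen_addresses CONFIG "ADDR1 ADDR2 ..."   (CONFIG "-" = stdin)
# Prints one finding per line; returns 0 if compliant, 1 otherwise.
check_listen_addresses() {
    awk -v approved="$2" '
    BEGIN {
        n = split(approved, a, " ")
        for (i = 1; i <= n; i++) ok[tolower(a[i])] = 1
    }
    {
        sub(/#.*/, "")            # strip comments
        sub(/=/, " ")             # accept the "Keyword=value" form
        gsub(/"/, "")             # accept quoted arguments
        if (tolower($1) != "listenaddress") next
        seen = 1
        addr = tolower($2)
        if (addr ~ /^\[/) {       # [addr]:port
            sub(/^\[/, "", addr); sub(/\].*$/, "", addr)
        } else if (gsub(/:/, ":", addr) == 1) {
            sub(/:.*$/, "", addr) # IPv4-or-host:port (bare IPv6 has 2+ colons)
        }
        if (!(addr in ok)) { print "UNAPPROVED " addr " (line " NR ")"; bad = 1 }
    }
    END {
        # With no ListenAddress line, sshd listens on all local addresses.
        if (!seen) { print "MISSING ListenAddress"; bad = 1 }
        exit bad + 0
    }' "$1"
}

# Constructed sample config; 192.0.2.10 and 2001:db8::10 are documentation
# addresses standing in for the site-approved list.
check_listen_addresses - "192.0.2.10 2001:db8::10" <<'EOF' || echo "not compliant"
Port 22
#ListenAddress 0.0.0.0
ListenAddress 192.0.2.10:22
listenaddress [2001:db8::10]:22
ListenAddress 0.0.0.0
EOF
```

On the system itself, pass /etc/ssh/sshd_config as the first argument and the site's approved addresses as the second.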