SLEM 5 SSH daemon private host key files must have mode 640 or less permissive.

An XCCDF Rule

Description

If an unauthorized user obtains the private SSH host key file, the host could be impersonated.

ID: SV-261294r996359_rule
Version: SLEM-05-232045
Severity: Medium
References: CCI-000366
Updated: 5 days ago

Remediation Templates

Configure the mode of SLEM 5 SSH daemon private host key files under "/etc/ssh" to "640" with the following command:

      > sudo chmod 640 /etc/ssh/ssh_host*key