Uninstall rsh Package
An XCCDF Rule
Description
The rsh
package contains the client commands
for the rsh services
Rationale
These legacy clients contain numerous security exposures and have
been replaced with the more secure SSH package. Even if the server is removed,
it is best to ensure the clients are also removed to prevent users from
inadvertently attempting to use these commands and therefore exposing
their credentials. Note that removing the rsh
package removes
the clients for rsh
,rcp
, and rlogin
.
- ID
- xccdf_org.ssgproject.content_rule_package_rsh_removed
- Severity
- Unknown
- References
- Updated
Remediation - Puppet
include remove_rsh
class remove_rsh {
package { 'rsh':
ensure => 'purged',
}
Remediation - Shell Script
# CAUTION: This remediation script will remove rsh
# from the system, and may remove any packages
# that depend on rsh. Execute this
# remediation AFTER testing on a non-production
# system!
Remediation - Ansible
- name: Ensure rsh is removed
package:
name: rsh
state: absent
tags:
- NIST-800-171-3.1.13