[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-92020-7

Platform: cpe:/o:ubuntu:ubuntu_linux:16.04Date: (C)2018-07-09   (M)2023-07-04



The HostbasedAuthentication parameter specifies if authentication is allowed through trusted hosts via the user of .rhosts, or /etc/hosts.equiv, along with successful public key client host authentication. This option only applies to SSH Protocol Version 2. Rationale: Even though the .rhosts files are ineffective if support is disabled in /etc/pam.conf, disabling the ability to use .rhosts files in SSH provides an additional layer of protection .


Parameter:

[no/yes]


Technical Mechanism:

Edit the /etc/ssh/sshd_config file to set the parameter as follows: HostbasedAuthentication no

CCSS Severity:CCSS Metrics:
CCSS Score : 7.0Attack Vector: LOCAL
Exploit Score: 1.0Attack Complexity: HIGH
Impact Score: 5.9Privileges Required: NONE
Severity: HIGHUser Interaction: REQUIRED
Vector: AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HScope: UNCHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:46281


OVAL    1
oval:org.secpod.oval:def:46281
XCCDF    1
xccdf_org.secpod_benchmark_general_Ubuntu_16_04

© SecPod Technologies