CCI-001632 requires non-local maintenance sessions be separated (physically or logically) from other network sessions. Using SSH for maintenance sessions meets this requirement.
Signed-off-by: Willy Santos <[email protected]> --- rhel6/src/input/services/ssh.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/rhel6/src/input/services/ssh.xml b/rhel6/src/input/services/ssh.xml index 049fc9f..3f447f2 100644 --- a/rhel6/src/input/services/ssh.xml +++ b/rhel6/src/input/services/ssh.xml @@ -38,7 +38,7 @@ certain changes should be made to the OpenSSH daemon configuration file <tt>/etc/ssh/sshd_config</tt>. The following recommendations can be applied to this file. See the <tt>sshd_config(5)</tt> man page for more detailed information.</description> -<ref disa="68,197,888" /> +<ref disa="68,197,888,1632" /> <Rule id="sshd_allow_only_protocol2" severity="high"> <title>Allow Only SSH Protocol 2</title> -- 1.7.7.6 _______________________________________________ scap-security-guide mailing list [email protected] https://fedorahosted.org/mailman/listinfo/scap-security-guide
