On 4/26/12 8:06 PM, Willy Santos wrote:
CCI-000888 requires the use of cryptographic mechanisms for non-local maintenance and
diagnostic communications, the use of SSH for such "non-local" connections
meets this requirement.
Signed-off-by: Willy Santos<[email protected]>
---
rhel6/src/input/services/ssh.xml | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/rhel6/src/input/services/ssh.xml b/rhel6/src/input/services/ssh.xml
index 8c93dec..3216a79 100644
--- a/rhel6/src/input/services/ssh.xml
+++ b/rhel6/src/input/services/ssh.xml
@@ -57,6 +57,7 @@ certain changes should be made to the OpenSSH daemon
configuration
file<tt>/etc/ssh/sshd_config</tt>. The following recommendations can be
applied to this file. See the<tt>sshd_config(5)</tt> man page for more
detailed information.</description>
+<ident cci="CCI-000888" />
<Rule id="sshd_allow_only_protocol2" severity="high">
<title>Allow Only SSH Protocol 2</title>
Ack
--
Shawn Wells
Technical Director,
U.S. Intelligence Programs
(e) [email protected]
(c) 443.534.0130
_______________________________________________
scap-security-guide mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/scap-security-guide
