Ensure permissions on SSH configuration file are secure
/etc/ssh/sshd_config file contains configuration specifications for SSHD.
|the permissions are correct by default. This test ensures the default permissions are in place.|
/etc/ssh/sshd_config file needs to be protected from unauthorized changes by non-privileged users.
sshd_config file holds the ssh service settings, it must be owned
and writable only by root to prevent malicious
or unintended modifications to the configuration file,
maintaining the integrity and security of the service.
sshd_config file actual permissions:
ls -l /etc/ssh/sshd_config
The output should result in this:
-rw-r--r-- 1 root root
If the output isn’t the same, set permissions to more restrictive with:
sudo chmod 644 /etc/ssh/sshd_config sudo chown root:root /etc/ssh/sshd_config
Finally you can check if worked with the same
ls -l /etc/ssh/sshd_config command, and compare the results.