8.2 Enable a Warning Banner for the SSH Service - Banner = /etc/issue

Information

The contents of the Banner string in the /etc/ssh/sshd_config file are sent to the remote user before authentication is allowed, requiring that the user read the legal caution.

Solution

Perform the following to implement the recommended state:
# awk '/^#Banner/ { $1 = "Banner" } { print }' /etc/ssh/sshd_config > /etc/ssh/sshd_config.CIS # mv /etc/ssh/sshd_config.CIS /etc/ssh/sshd_config # svcadm restart svc:/network/ssh

See Also

https://workbench.cisecurity.org/files/612

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-8a.

Plugin: Unix

Control ID: f18072034aca45467096b202f03fd90e732a82934af73bb7e26fea6469362f54