Information
The warning message reinforces policy awareness during the logon process and facilitates possible legal action against attackers. Alternatively, systems whose ownership should not be obvious should ensure usage of a banner that does not provide easy attribution.
Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088
Solution
Configure RHEL 9 to display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via ssh.
Edit the "etc/ssh/sshd_config" file or a file in "/etc/ssh/sshd_config.d" to uncomment the banner keyword and configure it to point to a file that will contain the logon banner (this file may be named differently or be in a different location if using a version of SSH that is provided by a third-party vendor).
An example configuration line is:
Banner /etc/issue
Item Details
Category: ACCESS CONTROL
References: 800-53|AC-8a., 800-53|AC-8c.1., 800-53|AC-8c.2., 800-53|AC-8c.3., CAT|II, CCI|CCI-000048, CCI|CCI-001384, CCI|CCI-001385, CCI|CCI-001386, CCI|CCI-001387, CCI|CCI-001388, Rule-ID|SV-257981r1045019_rule, STIG-ID|RHEL-09-255025, Vuln-ID|V-257981
Control ID: 004faa83b121499136d7ba85b99b28f3966c9c32734143c386729120598618e3