GEN005515-ESXI5-000100 - The SSH daemon must be configured to not allow TCP connection forwarding

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Edit the SSH daemon configuration and add/modify the 'AllowTCPForwarding' configuration setting it to 'no'.
vi /etc/ssh/sshd_config

See Also

http://iasecontent.disa.mil/stigs/zip/U_ESXi5_Server_V1R10_STIG.zip

Item Details

References: CAT|III, CCI|CCI-000366, Group-ID|V-39248, Rule-ID|SV-51064r1_rule, STIG-ID|GEN005515-ESXI5-000100, Vuln-ID|V-39248

Plugin: VMware

Control ID: f0008c644f87035f18bd631b234abd52694d1c2acd9e2333a673d06e38cbdea0