ESXI-65-000011 - The ESXi host SSH daemon must be configured to use only the SSHv2 protocol.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

SSH protocol version 1 suffers from design flaws that result in security vulnerabilities and should not be used. Only SSH protocol version 2 connections should be permitted.

Solution

From an SSH session connected to the ESXi host, or from the ESXi shell, add or correct the following line in '/etc/ssh/sshd_config':

Add or correct the following line in '/etc/ssh/sshd_config':

Protocol 2

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-5_Y20M04_STIG.zip

Item Details

References: CAT|I, CCI|CCI-000068, Rule-ID|SV-104055r1_rule, STIG-ID|ESXI-65-000011, Vuln-ID|V-93969

Plugin: Unix

Control ID: e889dd2461f68330b974fac63ccc1a826a38c4f6f5c93051ca368e75bff2bd01