Big Sur - Disable SSH Server for Remote Access Sessions

Information

SSH service _MUST_ be disabled for remote access.

Remote access sessions _MUST_ use FIPS validated encrypted methods to protect unauthorized individuals from gaining access.

Solution

[source,bash]
----
/bin/launchctl disable system/com.openssh.sshd
----

See Also

https://github.com/usnistgov/macos_security

Item Details

Category: ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

References: 800-53|AC-3, 800-53|AC-17, 800-53|CM-7, 800-53|CM-7(1), 800-53|IA-2(8), CCE|CCE-85447-1, STIG-ID|APPL-11-000011

Plugin: Unix

Control ID: 882f8ef0a2c85f511db48fe83f665e08a0650d3220a479b5ff62518457f39ff5