Ensure SSH PermitUserEnvironment is disabled

Information

Permitting users the ability to set environment variables through the SSH daemon could potentially allow users to bypass security controls (e.g. setting an execution path that has ssh executing trojan'd programs)

Solution

Edit the /etc/ssh/sshd_config file to set the parameter as follows: PermitUserEnvironment no

See Also

https://www.cisco.com/c/en/us/td/docs/security/firepower/623/configuration/guide/fpmc-config-guide-v623.html