RHEL 10 must be configured so that Secure Shell (SSH) server configuration files' permissions are not modified.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-281262 | RHEL-10-700590 | SV-281262r1184762_rule | CCI-000213 | medium |
| Description | ||||
| Service configuration files enable or disable features of their respective services, which if configured incorrectly can lead to insecure and vulnerable configurations. Therefore, service configuration files must be owned by the correct group to prevent unauthorized changes. OpenSSH uses the first occurrence of a keyword it sees, and drop-in files are read in lexicographical order at the start of the configuration. Red Hat recommends using drop-in files rather than changing base configuration files. | ||||
| STIG | Date | |||
| Red Hat Enterprise Linux 10 Security Technical Implementation Guide | 2026-03-11 | |||
Details
Check Text (C-281262r1184762_chk)
Verify RHEL 10 is configured so that SSH server configuration files' permissions are not modified.
Check the permissions of the "/etc/ssh/sshd_config" file with the following command:
$ sudo rpm --verify openssh-server | awk '! ($2 == "c" && $1 ~ /^.\..\.\.\.\..\./) {print $0}'
If the command returns any output, this is a finding.
Fix Text (F-85728r1166737_fix)
Configure RHEL 10 so that SSH server configuration files' permissions are not modified.
Run the following commands to restore the correct permissions of OpenSSH server configuration files:
$ sudo rpm --setugids openssh-server
$ sudo rpm --setperms openssh-server