Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CIS FAIL: Wrong value for CountMax #170

Closed
ipruteanu-sie opened this issue Feb 6, 2024 · 1 comment
Closed

CIS FAIL: Wrong value for CountMax #170

ipruteanu-sie opened this issue Feb 6, 2024 · 1 comment
Assignees
@uk-bolly
Labels
bug Something isn't working

Comments

@ipruteanu-sie
Copy link
Contributor

Describe the Issue
RULE 5.2.20: Ensure no file named /etc/ssh/sshd_config exists and matches pattern ^(?i)\h*ClientAliveCountMax\h+0\b.
However, we're using 0 as the configured value.

Expected Behavior
CIS PASS:

"02/06/2024 18:12:07","ip-172-31-42-172.eu-west-1.compute.internal","N/A","N/A","1.0.0","#scap_org.cisecurity_comp_1.0.0_CIS_Red_Hat_Enterprise_Linux_9_Benchmark-xccdf","CIS Red Hat Enterprise Linux 9 Benchmark","xccdf_org.cisecurity.benchmarks_benchmark_1.0.0_CIS_Red_Hat_Enterprise_Linux_9_Benchmark","Level 2 - Server","xccdf_org.cisecurity.benchmarks_profile_Level_2_-_Server","xccdf_org.cisecurity.benchmarks_rule_5.2.20_Ensure_SSH_Idle_Timeout_Interval_is_configured","5.2.20","Ensure SSH Idle Timeout Interval is configured","pass","https://man.openbsd.org/sshd_config"

Actual Behavior

Script:sce/sshd_running_config.sh
Result:Fail
Exit Value:102
Output:

- Audit Result:** FAIL **
- Reason(s) for audit failure:
- check sshd parameter: "clientalivecountmax 0" 

| Script: | sce/sshd_running_config.sh | Result: | Fail | Exit Value: | 102 | Output: | - Audit Result:** FAIL **- Reason(s) for audit failure:- check sshd parameter: "clientalivecountmax 0"
Script: | sce/sshd_running_config.sh
Result: | Fail
Exit Value: | 102
Output: | - Audit Result:** FAIL **- Reason(s) for audit failure:- check sshd parameter: "clientalivecountmax 0"

Control(s) Affected
5.2.20
Environment (please complete the following information):

  • branch being used: [e.g. devel]
  • Ansible Version: [e.g. 2.10]
  • Host Python Version: [e.g. Python 3.7.6]
  • Ansible Server Python Version: [e.g. Python 3.7.6]
  • Additional Details:

Additional Notes
Anything additional goes here

Possible Solution
PR
@ipruteanu-sie ipruteanu-sie added the bug Something isn't working label Feb 6, 2024
@ipruteanu-sie ipruteanu-sie mentioned this issue Feb 6, 2024
Closed
1 task
@uk-bolly uk-bolly self-assigned this Feb 19, 2024
@ipruteanu-sie ipruteanu-sie mentioned this issue Feb 21, 2024
Closed
uk-bolly added a commit that referenced this issue Mar 6, 2024
@uk-bolly
Issue #170, PR #181 thanks to @ipruteanu-sie
b31ece0 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
uk-bolly added a commit that referenced this issue Mar 6, 2024
@uk-bolly
March 24 to devel (#186)
7d7b613 
* Issue #170, PR #181 thanks to @ipruteanu-sie

* issue #182, PR #183 thansk to @ipruteanu-sie

* PR #180 thanks to @ipruteanu-sie and @raabf

* Addressed PR #165 thanks to @ipruteanu-sie

* PT #184 addressed thansk to @ipruteanu-sie

* updated credits

* typo and ssh allow_deny comments

* enable OS check

---------

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
ipruteanu-sie pushed a commit to siemens/RHEL9-CIS that referenced this issue Mar 11, 2024
@uk-bolly @ipruteanu-sie
March 24 to devel (ansible-lockdown#186)
504c553 
* Issue ansible-lockdown#170, PR ansible-lockdown#181 thanks to @ipruteanu-sie

* issue ansible-lockdown#182, PR ansible-lockdown#183 thansk to @ipruteanu-sie

* PR ansible-lockdown#180 thanks to @ipruteanu-sie and @raabf

* Addressed PR ansible-lockdown#165 thanks to @ipruteanu-sie

* PT ansible-lockdown#184 addressed thansk to @ipruteanu-sie

* updated credits

* typo and ssh allow_deny comments

* enable OS check

---------

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
Signed-off-by: Pruteanu <ionut.pruteanu@siemens.com>
uk-bolly added a commit that referenced this issue Apr 15, 2024
@uk-bolly
April_24 updates (#201)
f8fcfe0 
* Issue #170, PR #181 thanks to @ipruteanu-sie

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* issue #182, PR #183 thansk to @ipruteanu-sie

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* PR #180 thanks to @ipruteanu-sie and @raabf

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* Addressed PR #165 thanks to @ipruteanu-sie

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* PT #184 addressed thansk to @ipruteanu-sie

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* updated credits

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* typo and ssh allow_deny comments

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* enable OS check

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* PR - #198 addressed thanks to @brakkio86

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* Addressed issue #190

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* Additional vars for issue #190

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* updated pre-commit version

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* consistent quotes around mode

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* moved audit added discoveries

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* removed unneeded vars

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* audit moved to prelim

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* tidy up

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* improved new variable usage

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* fixed logic 6.2.10

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* updated

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* addressed #197 thanks to @mark-tomich

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* updates for audit section

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* fixed naming

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* updated

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

* added prelim to includes

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

---------

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
@uk-bolly
Copy link
Member

hi @ipruteanu-sie

This Issue has been merged to devel and into main branch. I will therefore close this issue.
Please feel free to reopen if you feel its not as expected.

Many thanks again for your time

uk-bolly

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@uk-bolly uk-bolly

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@uk-bolly @ipruteanu-sie