{"description": "\nTo properly set the permissions of <code>/etc/sysconfig/sshd</code>, run the command:\n<pre>$ sudo chmod 0640 /etc/sysconfig/sshd</pre>", "rationale": "The <tt>/etc/sysconfig/sshd</tt> file contains configuration options for the SSH daemon.\nProtection of this file is important for system security. The file should have mode 0640\nor more restrictive to prevent unauthorized access and modifications.", "severity": "medium", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "/etc/sysconfig/sshd does not have unix mode -rw-r-----", "ocil": "To check the permissions of <code>/etc/sysconfig/sshd</code>,\nrun the command:\n<pre>$ ls -l /etc/sysconfig/sshd</pre>\nIf properly configured, the output should indicate the following permissions:\n<code>-rw-r-----</code>", "oval_external_content": null, "fixtext": " Configure the \"/etc/sysconfig/sshd\" file to \"0640\" by running the following command:\n$ sudo chmod 0640 /etc/sysconfig/sshd", "checktext": "", "vuldiscussion": "", "srg_requirement": " The Ubuntu 22.04 /etc/sysconfig/sshd file must have mode 0640 or less permissive to prevent unauthorized access.", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "system_with_kernel", "platforms": ["system_with_kernel"], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": ["system_with_kernel"], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Verify Permissions on /etc/sysconfig/sshd File", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/permissions/files/file_permissions_etc_sysconfig_sshd/rule.yml", "template": {"name": "file_permissions", "vars": {"filepath": "/etc/sysconfig/sshd", "filemode": "0640", "allow_stricter_permissions": "true"}, "backends": {}}}