The system must display the date and time of the last successful account logon upon an SSH logon.

From Canonical Ubuntu 16.04 Security Technical Implementation Guide

Part of SRG-OS-000480-GPOS-00227

Associated with: CCI-000366

SV-90515r2_rule The system must display the date and time of the last successful account logon upon an SSH logon.

Vulnerability discussion

Providing users with feedback on when account accesses via SSH last occurred facilitates user recognition and reporting of unauthorized account use.

Check content

Verify SSH provides users with feedback on when account accesses last occurred. Check that "PrintLastLog" keyword in the sshd daemon configuration file is used and set to "yes" with the following command: # grep PrintLastLog /etc/ssh/sshd_config PrintLastLog yes If the "PrintLastLog" keyword is set to "no", is missing, or is commented out, this is a finding.

Fix text

Add or edit the following lines in the "/etc/ssh/sshd_config" file: PrintLastLog yes The SSH daemon must be restarted for the changes to take effect. To restart the SSH daemon, run the following command: # sudo systemctl restart sshd.service

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer