From Solaris 11 SPARC Security Technical Implementation Guide
Part of SRG-OS-000025
Associated with: CCI-000052
Users need to be aware of activity that occurs regarding their account. Providing users with information regarding the date and time of their last successful login allows the user to determine if any unauthorized activity has occurred and gives them an opportunity to notify administrators.
Determine if last login will be printed for SSH users. # grep PrintLastLog /etc/ssh/sshd_config If PrintLastLog is found, not preceded with a "#" sign, and is set to "no", this is a finding. PrintLastLog should either not exist (defaulting to yes) or exist and be set to yes.
The root role is required for this action. # pfedit /etc/ssh/sshd_config Locate the line containing: PrintLastLog no and place a comment sign ("# ")at the beginning of the line or delete the line # PrintLastLog no Restart the ssh service # pfexec svcadm restart svc:/network/ssh
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer