Enable Privilege Separation in SSH

ID: file-enable-ssh-privilege-separation

Severity: unknown

Author: pussycat0x

Tags: audit,config,file,ssh

Description

Privilege separation in SSH enhances security by running the SSH daemon with minimal privileges, reducing the risk of privilege escalation. It limits the impact of vulnerabilities, preventing full system compromise if SSH is exploited.

YAML Source

id: file-enable-ssh-privilege-separation

info:
  name: Enable Privilege Separation in SSH
  author: pussycat0x
  severity: unknown
  description: |
    Privilege separation in SSH enhances security by running the SSH daemon with minimal privileges, reducing the risk of privilege escalation. It limits the impact of vulnerabilities, preventing full system compromise if SSH is exploited.
  remediation: |
    Set UsePrivilegeSeparation yes in /etc/ssh/sshd_config to enhance security and restart the SSH service.
  reference:
    - https://vishalraj82.medium.com/hardening-openssh-security-37f5d634015f
    - https://www.stigviewer.com/stig/red_hat_enterprise_linux_9/2023-09-13/finding/V-258010
  metadata:
    verified: true
  tags: audit,config,file,ssh

file:
  - extensions:
      - all

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "# This is the sshd server system-wide configuration file"

      - type: word
        words:
          - "UsePrivilegeSeparation yes"
        negative: true
# digest: 4a0a0047304502204138a392da7e1ca0ae7950b517d190c3578c7fdf8c122ba6e13854cc5bb07100022100904df0df0b65201e4173587731e1bd58ab68465ad4bac022d488c7e945cce4ab:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "file/audit/ssh/file-enable-ssh-privilege-separation.yaml"

View on Github