Hello Team,
One of our customers raised a concern that --
The rules going wrong are:
xccdf_org.ssgproject.content_rule_file_permissions_sshd_private_key
xccdf_org.ssgproject.content_rule_file_permissions_sshd_pub_key
On the customer's system, the correct permissions seen --
Red Hat Enterprise Linux Server release 7.5 (Maipo)
openssh-server-7.4p1-16.el7.x86_64
openscap-1.2.16-6.el7.x86_64
- 640 for public key files (*.pub)
- 600 for private key files (*_key)
Output of ls -l /etc/ssh
-rw-r--r--. 1 root root 581843 Nov 24 2017 moduli
-rw-r--r--. 1 root root 2276 Nov 24 2017 ssh_config
-rw-------. 1 root root 4026 Sep 4 14:20 sshd_config
-rw-------. 1 root ssh_keys 241 Sep 4 14:20 ssh_host_ecdsa_key
-rw-r--r--. 1 root root 162 Sep 4 14:20 ssh_host_ecdsa_key.pub
-rw-------. 1 root ssh_keys 1704 Sep 4 14:20 ssh_host_rsa_key
-rw-r--r--. 1 root root 382 Sep 4 14:20 ssh_host_rsa_key.pub
-rw-r--r--. 1 root root 2548 Sep 4 14:20 ssh_known_hosts
Please find the attached screenshot and suggest.
Warm Regards,
Dushyant Uge
Red Hat Global Support