ansible-lockdown/AMAZON2023-CIS

Rule 4.2.20 needs a change of value in order to be compliant

DianaMariaDDM opened this issue · 0 comments

Describe the Issue
The value for the variable ClientAliveCountMax used in this rule is faulty!

Expected Behavior
This rule ensures that SSH Idle Timeout Interval is configured.
In a nutshell, it is supposed to do this by editing the ClientAliveInterval and the ClientAliveCountMax variables.
CIS states that: "ClientAliveCountMax must be greater than zero in order to utilize the ability of SSH to drop idle connections."

Actual Behavior
The value for the ClientAliveCountMax variable is set to 0 in the /defaults/main.yml file.

Control(s) Affected
4.2.20 Ensure SSH Idle Timeout Interval is configured

Possible Solution
The solution is to edit the variable's value to a number greater than 0, such as 3. A following PR will contain the aforementioned fix!
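
The following check is an added example, not part of the issue or of the project's code. It audits sshd configuration text for the condition described above and also flags a ClientAliveInterval of 0, which is OpenSSH's default and means no keepalive probes are sent. The function names and the sample configurations are constructed for illustration, and the parser assumes plain integer values and does not follow Include files.

```python
import re

# OpenSSH built-in defaults, applied when a keyword is absent.
DEFAULTS = {"clientaliveinterval": "0", "clientalivecountmax": "3"}

def effective_settings(config_text):
    """Return the global ClientAlive* values sshd would use.

    sshd keeps the first value it sees for a keyword, keywords are
    case-insensitive, and the global section ends at the first Match line.
    """
    found = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        if key == "match":
            break
        if key in DEFAULTS and key not in found and len(parts) == 2:
            found[key] = parts[1].strip().strip('"')
    return {**DEFAULTS, **found}

def check_idle_timeout(config_text):
    """Return a list of findings; an empty list means both values pass."""
    settings = effective_settings(config_text)
    findings = []
    for key in ("clientaliveinterval", "clientalivecountmax"):
        value = settings[key]
        if not value.isdigit():
            # Assumption: only plain integers are evaluated here.
            findings.append(f"{key}: cannot evaluate value {value!r}")
        elif int(value) <= 0:
            findings.append(f"{key} is {value}, must be greater than zero")
    return findings

# Constructed samples: the value reported in this issue, and the proposed fix.
REPORTED = "ClientAliveInterval 15\nClientAliveCountMax 0\n"
PROPOSED = "ClientAliveInterval 15\nClientAliveCountMax 3\n"

if __name__ == "__main__":
    for name, text in (("reported", REPORTED), ("proposed", PROPOSED)):
        print(name, check_idle_timeout(text) or "compliant")
```

Because keywords are matched case-insensitively, the same function can be fed the output of `sshd -T`, which prints the effective configuration with Include files already resolved.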