Amazon Linux 2023 must have SSH installed.

STIG ID: AZLX-23-001180  |  SRG: SRG-OS-000112-GPOS-00057 |  Severity: high (CAT I)  |  CCI: CCI-001941,CCI-002418,CCI-002421,CCI-002420,CCI-002422 |  Vulnerability Id: V-274038

Vulnerability Discussion

Without protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered.

Satisfies: SRG-OS-000112-GPOS-00057, SRG-OS-000113-GPOS-00058, SRG-OS-000423-GPOS-00187, SRG-OS-000424-GPOS-00188, SRG-OS-000425-GPOS-00189, SRG-OS-000426-GPOS-00190

Check

Verify Amazon Linux 2023 has the openssh-server package installed with the following command:

$ dnf list --installed openssh-server
Installed Packages
openssh-server.x86_64 8.7p1-8.amzn2023.0.13 @amazonlinux

If the "openssh-server" package is not installed, this is a finding.

Fix

Configure Amazon Linux 2023 to have the openssh-server package installed with the following command:

$ sudo dnf install -y openssh-server
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.