RHEL 9 must have the openssh-clients package installed.

STIG ID: RHEL-09-255020  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: medium |  CCI: CCI-000366 |  Vulnerability Id: V-257980 | 

Vulnerability Discussion

This package includes utilities to make encrypted connections and transfer files securely to SSH servers.

Check

Verify that RHEL 9 has the openssh-clients package installed with the following command:

$ sudo dnf list --installed openssh-clients

Example output:

openssh-clients.x86_64 8.7p1-8.el9

If the "openssh-clients" package is not installed, this is a finding.

Fix

The openssh-clients package can be installed with the following command:

$ sudo dnf install openssh-clients