Skip to content

5.2.5 Ensure SSH LogLevel is appropriate

Audit#

Run the following command and verify that output matches loglevel VERBOSE or loglevel INFO: 

# sshd -T -C user=root -C host="$(hostname)" -C addr="$(grep $(hostname) /etc/hosts | awk '{print $1}')" | grep loglevel

loglevel VERBOSE or loglevel INFO

Run the following command and verify the output matches: 

# grep -i 'loglevel' /etc/ssh/sshd_config | grep -Evi '(VERBOSE|INFO)'

Nothing should be returned

Remediation#

Edit the /etc/ssh/sshd_config file to set the parameter as follows: 

LogLevel VERBOSE

OR

LogLevel INFO

Default Value:

LogLevel INFO