STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

V-22486

CAT II (Medium)

The SSH daemon must use privilege separation.

Rule ID

SV-46100r2_rule

STIG

SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

Version

V1R12

CCIs

CCI-000225

Discussion

SSH daemon privilege separation causes the SSH process to drop root privileges when not needed, which would decrease the impact of software vulnerabilities in the unprivileged section.

Check Content

Check the SSH daemon configuration for the UsePrivilegeSeparation setting.
# grep -i UsePrivilegeSeparation /etc/ssh/sshd_config | grep -v '^#' 
If the setting is not present, or not set to "yes", this is a finding.

Fix Text

Edit the SSH daemon configuration and add or edit the "UsePrivilegeSeparation" setting value to "yes".

Restart the SSH daemon.
# /sbin/service sshd restart