9.1.13.5. Least Privilege

The SSH service runs under the ssh user and ssh group. This allows directory permissions to limit the service’s access to files and directories not owned by the ssh user or group. The ssh user does not have a valid login shell.

X11 forwarding over SSH is explicitly disallowed. This limits the exposure of the SSH server to networks outside of the control of SIMP.
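
The two settings above can be checked offline against copies of the relevant files. The following is an added example, not SIMP's own code: the function names and file arguments are hypothetical, the sample files are constructed, and only the account name `ssh` comes from this page.

```shell
#!/bin/sh
# Added example: offline audit helpers for the two settings described above.
# Function names and file arguments are hypothetical; the account name "ssh"
# comes from the page. On a live host, `sshd -T` prints the effective config.

# Succeeds only if X11 forwarding is off globally and in every Match block.
# sshd keywords are case-insensitive, the first global occurrence wins, and
# an unset X11Forwarding defaults to "no". Include files are not followed.
x11_forwarding_disabled() {
    awk '
        /^[ \t]*(#|$)/ { next }                      # comments, blank lines
        { sub(/=/, " "); key = tolower($1); val = tolower($2) }
        key == "match" { in_match = 1; next }
        key != "x11forwarding" { next }
        in_match && val != "no" { bad = 1 }          # conditional override
        !in_match && !seen { seen = 1; if (val != "no") bad = 1 }
        END { exit bad + 0 }
    ' "$1"
}

# Succeeds if USER exists in PASSWD and its shell is a nologin/false stub or
# is not listed in SHELLS. An empty shell field means /bin/sh, so it fails.
account_has_no_login_shell() {
    shell=$(awk -F: -v u="$1" '$1 == u { print $7; exit }' "$2")
    [ -n "$shell" ] || return 1
    case "$shell" in
        */nologin|*/false) return 0 ;;
    esac
    ! grep -qxF -- "$shell" "$3"
}

# Demo on constructed sample files (not taken from a real system).
demo() {
    d=$(mktemp -d)
    printf 'X11Forwarding no\nMatch User admin\n  X11Forwarding yes\n' > "$d/sshd_config"
    printf 'ssh:x:74:74::/var/empty:/sbin/nologin\n' > "$d/passwd"
    printf '/bin/sh\n/bin/bash\n' > "$d/shells"
    x11_forwarding_disabled "$d/sshd_config" || echo "FAIL: X11 forwarding enabled in a Match block"
    account_has_no_login_shell ssh "$d/passwd" "$d/shells" && echo "PASS: ssh has no login shell"
    rm -rf "$d"
}
demo
```

The X11 check treats a `Match` block that re-enables forwarding as a failure even when the global setting is `no`, since that override would still expose forwarding to the matched connections.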

References: AC-6 : LEAST PRIVILEGE