Lynis security controls
Proper hardening of your SSH configuration can reduce known weaknesses.
SSH-7412 | SSH | SSH permit root login
For proper authorization purposes, do not use direct root logins. Doing so may result in actions being performed by administrators without any traceability. Using root permissions directly might also increase the risk of intrusion or of availability problems (e.g. brute force attacks on the password, account lockout). Unless the owner of each key is traceable, public key authentication can be considered.
SSH-7416 | SSH | StrictModes option in SSH
SSH can check file permissions before it uses configuration and other files. With the StrictModes option, it will only use files whose permissions are properly configured (e.g. not set with chmod 777).
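
The following shell script is an added example, not Lynis code: it reads the two options discussed above from an sshd_config file and grades them. The function names, the OK/WARN/FAIL grading and the assumed defaults (OpenSSH 7.0 or later: PermitRootLogin prohibit-password, StrictModes yes) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not Lynis code): grade the sshd_config options behind
# SSH-7412 and SSH-7416. Only the global section is parsed; Match blocks and
# Include files are ignored, so confirm on a live host with `sshd -T`.

# effective_value FILE KEYWORD DEFAULT
# sshd uses the first value it finds for a keyword, and keywords are
# case-insensitive. DEFAULT is printed when the keyword is absent.
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { FS = "[ \t=]+"; key = tolower(key); val = def }
        { sub(/^[ \t]+/, "") }              # drop indentation, re-split fields
        /^#/ || NF < 2 { next }             # comments, blank or bare lines
        tolower($1) == "match" { exit }     # end of the global section
        tolower($1) == key { val = $2; gsub(/"/, "", val); exit }
        END { print tolower(val) }
    ' "$1"
}

# SSH-7412: direct root login.
# OK = root login disabled, WARN = root limited to keys or forced commands
# (key owners must be traceable), FAIL = password root login or unknown value.
check_root_login() {
    case "$(effective_value "$1" PermitRootLogin prohibit-password)" in
        no) echo OK ;;
        prohibit-password|without-password|forced-commands-only) echo WARN ;;
        *) echo FAIL ;;
    esac
}

# SSH-7416: StrictModes must stay enabled so sshd refuses badly
# permissioned user files.
check_strict_modes() {
    case "$(effective_value "$1" StrictModes yes)" in
        yes) echo OK ;;
        *) echo FAIL ;;
    esac
}

# Usage: sh check_sshd.sh /etc/ssh/sshd_config
if [ "$#" -gt 0 ]; then
    echo "PermitRootLogin: $(check_root_login "$1")"
    echo "StrictModes:     $(check_strict_modes "$1")"
fi
```

Because the first occurrence of a keyword wins, a later `PermitRootLogin no` does not undo an earlier `PermitRootLogin yes`; the script reports the earlier value.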