Home » Misconfiguration »

SSH LoginGraceTime is not set to less than or equal to 1 minute

View the security misconfiguration catalog
  • Misconfiguration Name
  • SSH LoginGraceTime is not set to less than or equal to 1 minute
  • Description
  • SSH (Secure Shell) protocol allows you to connect to a remote Linux system securely using a variety of SSH clients. The LoginGraceTime parameter specifies the time allowed for successful authentication to the SSH server. The longer the grace period is, the more open unauthenticated connections can exist. Fixing this misconfiguration will limit the login grace period to 1 minute.
  • Severity
  • important
  • Category
  • Linux Secure Shell
  • Resolution
  • Follow the below steps to resolve the misconfiguration. Edit the /etc/ssh/sshd_config file to set the parameter as follows:
    LoginGraceTime 60
  • Potential issues that may arise after applying the resolution
  • Altering the existing security setting may create the following impact in your network operations.
  • Does remediation require reboot?
  • No

Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.