このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Description
The rsh-client
package contains the client commands
for the rsh services
Rationale
These legacy clients contain numerous security exposures and have
been replaced with the more secure SSH package. Even if the server is removed,
it is best to ensure the clients are also removed to prevent users from
inadvertently attempting to use these commands and therefore exposing
their credentials. Note that removing the rsh-client
package removes
the clients for rsh
,rcp
, and rlogin
.
Shell script
The following script can be run on the host to remediate the issue.
#!/bin/bash
# CAUTION: This remediation script will remove rsh-client
# from the system, and may remove any packages
# that depend on rsh-client. Execute this
# remediation AFTER testing on a non-production
# system!
DEBIAN_FRONTEND=noninteractive apt-get remove -y "rsh-client"
Ansible playbook
The following playbook can be run with Ansible to remediate the issue.
- name: Ensure rsh-client is removed
package:
name: rsh-client
state: absent
tags:
- NIST-800-171-3.1.13
- PCI-DSSv4-2.2.4
- disable_strategy
- low_complexity
- low_disruption
- no_reboot_needed
- package_rsh_removed
- unknown_severity