======5.2.10 Ensure SSH PermitUserEnvironment is disabled (Scored)======
=====Profile Applicability=====
Level 1 - Server
Level 1 - Workstation
=====Description=====
The ''PermitUserEnvironment'' option allows users to present environment options to the ''ssh'' daemon.
=====Rationale=====
Permitting users the ability to set environment variables through the SSH daemon could potentially allow users to bypass security controls (e.g. setting an execution path that has ''ssh'' executing trojan'd programs)
=====Audit=====
Run the following command and verify that output matches:
# grep "PermitUserEnvironment" /etc/ssh/sshd_config
PermitUserEnvironment no
=====Remediation=====
Edit the ''/etc/ssh/sshd_config'' file to set the parameter as follows:
PermitUserEnvironment no