======5.2.6 Ensure SSH IgnoreRhosts is enabled (Scored)======

=====Profile Applicability=====

  * Level 1 - Server
  * Level 1 - Workstation

=====Description=====

The ''IgnoreRhosts'' parameter specifies that ''.rhosts'' and ''.shosts'' files will not be used in ''RhostsRSAAuthentication'' or ''HostbasedAuthentication''.

=====Rationale=====

Setting this parameter forces users to enter a password when authenticating with ssh.

=====Audit=====

Run the following command and verify that output matches:

  # grep "^IgnoreRhosts" /etc/ssh/sshd_config
  IgnoreRhosts yes

=====Remediation=====

Edit the ''/etc/ssh/sshd_config'' file to set the parameter as follows:

  IgnoreRhosts yes
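
The audit ''grep'' above is case-sensitive and anchored at column one, whereas sshd matches keywords case-insensitively, ignores leading whitespace and uses the first value it reads for a keyword. The shell function below is an added example, not part of the benchmark text, that audits the file with those rules; the name ''audit_ignorerhosts'' is hypothetical, and treating a non-''yes'' value inside a ''Match'' block as a failure is an assumption of this example.

```shell
#!/bin/sh
# Added example (not benchmark text): audit IgnoreRhosts the way sshd reads the file.
# Returns 0 only when the global value is explicitly "yes" and no Match block
# sets it to anything else (the Match rule is this example's assumption).
audit_ignorerhosts() {
    conf="${1:-/etc/ssh/sshd_config}"
    [ -r "$conf" ] || { echo "FAIL: cannot read $conf"; return 2; }
    awk '
        {
            line = $0
            sub(/^[ \t]+/, "", line)                 # leading whitespace is allowed
            if (line == "" || line ~ /^#/) next      # skip blank lines and comments
            sub(/[ \t]*=[ \t]*/, " ", line)          # accept the "Keyword=value" form
            split(line, f, /[ \t]+/)
            key = tolower(f[1]); val = f[2]          # keywords are case-insensitive
            if (key == "match") { in_match = 1; next }
            if (key != "ignorerhosts") next
            if (in_match) { if (val != "yes") bad_match = NR }
            else if (!seen) { seen = 1; global = val; where = NR }  # first value wins
        }
        END {
            if (!seen)           { print "FAIL: IgnoreRhosts is not set explicitly"; exit 1 }
            if (global != "yes") { print "FAIL: line " where " sets IgnoreRhosts " global; exit 1 }
            if (bad_match)       { print "FAIL: Match block overrides IgnoreRhosts at line " bad_match; exit 1 }
            print "PASS: IgnoreRhosts yes (line " where ")"
        }
    ' "$conf"
}
```

A file containing an indented ''IgnoreRhosts no'' followed by ''IgnoreRhosts yes'' passes the ''grep'' audit but fails this check, because the first value is the one in effect.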