file-limit-ssh-group: Limit SSH Users Group Access

日期: 2025-08-01 | 影响软件: file-limit-ssh-group | POC: 已公开

漏洞描述

Limiting SSH user group access enhances security by restricting login permissions to authorized groups, reducing the attack surface and preventing unauthorized access.

PoC代码[已公开]

id: file-limit-ssh-group

info:
  name: Limit SSH Users Group Access
  author: pussycat0x
  severity: unknown
  description: |
    Limiting SSH user group access enhances security by restricting login permissions to authorized groups, reducing the attack surface and preventing unauthorized access.
  remediation: |
    Ensure only necessary users are listed in AllowUsers within /etc/ssh/sshd_config, then restart the SSH service.
  reference:
    - https://vishalraj82.medium.com/hardening-openssh-security-37f5d634015f
    - https://cloud.ibm.com/docs/ssh-keys?topic=ssh-keys-granting-ssh-access-to-a-user
  metadata:
    verified: true
  tags: audit,config,file,ssh

file:
  - extensions:
      - all

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "# This is the sshd server system-wide configuration file"

      - type: word
        words:
          - "AllowGroups"
        negative: true
# digest: 490a0046304402201bf46836cc1c9c0d678530c5166f58c9e6d2be6bde12ee9df19c3f611ecacd7f022011099d6e8891b6948a096831ef5eab2e747b1fe16de30f10dd8d50fc27c0ea37:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./file/audit/ssh/file-limit-ssh-group.yaml