Closed
Description
Currently, "authenticated users" have setValue permissions for HKEY_LOCAL_MACHINE\SOFTWARE\OpenSSH, HKEY_LOCAL_MACHINE\SOFTWARE\OpenSSH\Agent registry entries.
This is not desirable behavior as "authenticated users" can change the configuration like DefaultShell.
New change -
HKEY_LOCAL_MACHINE\SOFTWARE\OpenSSH - Full control to local system account, administrators group and readonly to the "authenticated users"
HKEY_LOCAL_MACHINE\SOFTWARE\OpenSSH\Agent - Full control to local system account, administrators group.