diff --git a/src/freedombone-tests b/src/freedombone-tests
index 417877c2..6fe801d7 100755
--- a/src/freedombone-tests
+++ b/src/freedombone-tests
@@ -759,6 +759,12 @@ function test_stig {
     output "V-38605" $? ${SETLANG}
     ################
 
+    ##Check that openssh client and server are installed
+    bash scripts/check-ssh.sh installed >/dev/null 2>&1 &
+    stig_spinner $!
+    output "SV-86857r1_rule" $? ${SETLANG}
+    ################
+    
     ##RHEL-06-000227
     ##The SSH daemon must be configured to use only the SSHv2 protocol.
 
diff --git a/tests/check-ssh.sh b/tests/check-ssh.sh
index 38003d0a..6aa81413 100644
--- a/tests/check-ssh.sh
+++ b/tests/check-ssh.sh
@@ -44,6 +44,15 @@ case $1 in
             exit 1
         fi
         ;;
+    installed)
+	OPENSSH_SERVER=`dpkg -s openssh-server | grep -i "Status:.*install.*ok.*installed" | wc -l`
+	OPENSSH_CLIENT=`dpkg -s openssh-client | grep -i "Status:.*install.*ok.*installed" | wc -l`
+	if [ ${OPENSSH_SERVER} -eq 1 -a ${OPENSSH_CLIENT} -eq 1 ];then
+	    :
+	else
+	    exit 1
+	fi	
+	;;    
     sshd_status)
         if systemctl status sshd | grep "Active:.*(running)";then
             :
diff --git a/tests/output.sh b/tests/output.sh
index 5843ec6b..638119ed 100644
--- a/tests/output.sh
+++ b/tests/output.sh
@@ -1399,6 +1399,15 @@ disabled. The "nis" service can be disabled with the following commands:\n\n#upd
                   printf '\n######################\n\nSTIG-ID:RHEL-06-000224\n\nVulnerability Discussion: Due to its usage for maintenance and security-supporting tasks, enabling the cron daemon is essential.\n\nFix text: The "crond" service is used to execute commands at preconfigured times. It is required by almost all systems to perform necessary maintenance tasks, such as notifying root of system activity. The "crond" service can be enabled with the following commands:\n\n#update-rc.d cron defaults\nservice cron start\n\n######################\n\n' >> $LOG
               fi
               ;;
+    SV-86857r1_rule) if [ "$3" = "en" ]; then
+			 log_msg $2 'OpenSSH server and client must be installed.'
+		     else
+			 log_msg $2 '必须安装OpenSSH服务器和客户端'
+		     fi		     
+		     if [ $2 -ne 0 ];then
+			 printf '\n######################\n\nWithout protection of the transmitted information, confidentiality and integrity may be compromised because unprotected communications can be intercepted and either read or altered. \n\nThis requirement applies to both internal and external networks and all types of information system components from which information can be transmitted (e.g., servers, mobile devices, notebook computers, printers, copiers, scanners, and facsimile machines). Communication paths outside the physical protection of a controlled boundary are exposed to the possibility of interception and modification. \n\nProtecting the confidentiality and integrity of organizational information can be accomplished by physical means (e.g., employing physical distribution systems) or by logical means (e.g., employing cryptographic techniques). If physical means of protection are employed, logical means (cryptography) do not have to be employed, and vice versa.\n\n######################\n\n' >> $LOG
+		     fi
+		     ;;
     V-38607)  if [ "$3" = "en" ]; then
                   log_msg $2 'The SSH daemon must be configured to use only the SSHv2 protocol.'
               else