Check: AZLX-23-002396
Amazon Linux 2023 STIG: AZLX-23-002396 (in version v1 r1)
Title
Amazon Linux 2023 must automatically exit interactive command shell user sessions after 15 minutes of inactivity. (Cat II impact)
Discussion
Terminating an idle interactive command shell user session within a short time period reduces the window of opportunity for unauthorized personnel to take control of it when left unattended in a virtual terminal or physical console.
Check Content
Verify Amazon Linux 2023 is configured to exit interactive command shell user sessions after 10 minutes of inactivity or less with the following command:

```
$ sudo grep -i tmout /etc/profile /etc/profile.d/*.sh
/etc/profile.d/tmout.sh:declare -xr TMOUT=600
```

If "TMOUT" is not set to "600" or less in a script located in the "/etc/profile.d/" directory, is missing, or is commented out, this is a finding.
Fix Text
Configure Amazon Linux 2023 to exit interactive command shell user sessions after 10 minutes of inactivity. Add or edit the following line in "/etc/profile.d/tmout.sh":

```
#!/bin/bash
declare -xr TMOUT=600
```
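An added example, not part of the STIG text: a POSIX shell audit of the files the check command greps. It ignores commented-out lines and also flags `TMOUT=0`, since bash applies the timeout only for values greater than zero. The function names and the rule that any out-of-range assignment is a finding are assumptions of this example.

```shell
#!/bin/sh
# Added example, not STIG content. Audits TMOUT in profile scripts.

# Print "file:value" for each active numeric TMOUT assignment in the given files.
tmout_assignments() {
    for f in "$@"; do
        [ -f "$f" ] || continue          # skip missing files and unmatched globs
        awk '{
            line = " " $0
            sub(/[ \t]#.*/, "", line)    # drop whole-line and trailing comments
            if (match(line, /[ \t;]TMOUT="?[0-9]+/)) {
                v = substr(line, RSTART, RLENGTH)
                gsub(/[^0-9]/, "", v)
                print FILENAME ":" v
            }
        }' "$f"
    done
}

# Return 0 when compliant, 1 when the check would be a finding.
# Assumption: every active assignment must be between 1 and 600 seconds.
tmout_audit() {
    limit=600 found=0 bad=0
    while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        found=1
        val=${entry##*:}
        if [ "$val" -lt 1 ] || [ "$val" -gt "$limit" ]; then
            echo "FINDING $entry (must be 1..$limit; 0 disables the timeout)"
            bad=1
        else
            echo "OK      $entry"
        fi
    done <<EOF
$(tmout_assignments "$@")
EOF
    [ "$found" -eq 1 ] || { echo "FINDING no active TMOUT assignment"; return 1; }
    return "$bad"
}

# Demo on constructed sample files (not real system files).
demo=$(mktemp -d)
printf '#!/bin/bash\ndeclare -xr TMOUT=600\n' > "$demo/tmout.sh"
printf '# TMOUT=300\nexport TMOUT=0\n' > "$demo/legacy.sh"
tmout_audit "$demo"/*.sh || echo "result: finding"
rm -rf "$demo"
```

On a real host, call `tmout_audit /etc/profile /etc/profile.d/*.sh` in place of the demo lines. Assignments whose value is not a literal number (for example a variable reference) are not parsed and count as missing.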
Additional Identifiers
Rule ID: SV-274142r1120414_rule
Vulnerability ID: V-274142
Group Title: SRG-OS-000163-GPOS-00072
CCIs
| Number | Definition |
|---|---|
| CCI-000057 | Prevent further access to the system by initiating a device lock after organization-defined time period of inactivity; and/or requiring the user to initiate a device lock before leaving the system unattended. |
| CCI-001133 | Terminate the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity. |