Check: AZLX-23-002595
Amazon Linux 2023 STIG: AZLX-23-002595 (in version v1 r1)
Title
Amazon Linux 2023 must ensure the pcscd service is active. (Cat II impact)
Discussion
The information system ensures that even if the information system is compromised, that compromise will not affect credentials stored on the authentication device. The daemon program for pcsc-lite and the MuscleCard framework is pcscd. It is a resource manager that coordinates communications with smart card readers and smart cards and cryptographic tokens connected to the system.
Check Content
Verify Amazon Linux 2023 is configured so that the "pcscd" service is active with the following command:

    $ systemctl is-active pcscd
    active

If the pcscd service is not active, this is a finding.
Fix Text
Configure Amazon Linux 2023 so that the "pcscd" service is active with the following command:

    $ sudo systemctl enable --now pcscd
Additional Identifiers
Rule ID: SV-274181r1120531_rule
Vulnerability ID: V-274181
Group Title: SRG-OS-000375-GPOS-00160
CCIs
| Number | Definition |
|---|---|
| CCI-004046 | Implement multi-factor authentication for local, network, and/or remote access to privileged accounts and/or non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access. |
Controls
| Number | Title |
|---|---|
| IA-2(6) | Access to Accounts — Separate Device |