An error occurred:

Check: RHEL-09-412080

RHEL 9 STIG: RHEL-09-412080 (in version v2 r7)

Title

RHEL 9 must terminate idle user sessions. (Cat II impact)

Discussion

Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended.

Check Content

Verify RHEL 9 logs out sessions that are idle for 10 minutes with the following command: $ systemd-analyze cat-config systemd/logind.conf | grep StopIdleSessionSec #StopIdleSessionSec=infinity StopIdleSessionSec=600 If "StopIdleSessionSec" is not configured to "600" seconds, this is a finding.

Fix Text

Configure RHEL 9 to log out idle sessions. Create the directory if necessary: $ mkdir -p /etc/systemd/logind.conf.d/ Create a *.conf file in /etc/systemd/logind.conf.d/ with the following content: [Login] StopIdleSessionSec=600 KillUserProcesses=no Restart systemd-logind: $ systemctl restart systemd-logind

Additional Identifiers

Rule ID: SV-258077r1155659_rule

Vulnerability ID: V-258077

Group Title: SRG-OS-000163-GPOS-00072

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001133

Terminate the network connection associated with a communications session at the end of the session or after an organization-defined time period of inactivity.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
SC-10

Network Disconnect