Check: SLES-12-010400
SLES 12 STIG:
SLES-12-010400
(in versions v2 r13 through v1 r3)
Title
There must be no .shosts files on the SUSE operating system. (Cat I impact)
Discussion
The .shosts files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
Check Content
Verify there are no ".shosts" files on the SUSE operating system. Check the system for the existence of these files with the following command: # find / -name '.shosts' If any ".shosts" files are found on the system, this is a finding.
Fix Text
Remove any ".shosts" files found on the SUSE operating system. # rm /[path]/[to]/[file]/.shosts
Additional Identifiers
Rule ID: SV-217141r603262_rule
Vulnerability ID: V-217141
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |