Check: TOSS-04-010370
Tri-Lab Operating System Stack (TOSS) 4 STIG:
TOSS-04-010370
(in versions v1 r3 through v1 r1)
Title
There must be no ".shosts" files on The TOSS operating system. (Cat II impact)
Discussion
The ."shosts" files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.
Check Content
Verify there are no ."shosts" files on TOSS with the following command: $ sudo find / -name '*.shosts' If any ."shosts" files are found, this is a finding.
Fix Text
Remove any found ."shosts" files from the system. $ sudo rm /[path]/[to]/[file]/.shosts
Additional Identifiers
Rule ID: SV-252939r824141_rule
Vulnerability ID: V-252939
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |