Navigate

Check: TOSS-04-010370

Tri-Lab Operating System Stack (TOSS) 4 STIG: TOSS-04-010370 (in versions v2 r1 through v1 r1)

Title

There must be no ".shosts" files on The TOSS operating system. (Cat II impact)

Discussion

The ."shosts" files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.

Check Content

Verify there are no ."shosts" files on TOSS with the following command: $ sudo find / -name '*.shosts' If any ."shosts" files are found, this is a finding.

Fix Text

Remove any found ."shosts" files from the system. $ sudo rm /[path]/[to]/[file]/.shosts

Additional Identifiers

Rule ID: SV-252939r991589_rule

Vulnerability ID: V-252939

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	Implement the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-6	Configuration Settings