Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Red Hat Enterprise Linux 10

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Chrony Configure Pool and Server

    <code>Chrony</code> is a daemon which implements the Network Time Protocol (NTP). It is designed to synchronize system clocks across a variety of s...
    Rule Medium Severity
    Show

  • Disable network management of chrony daemon

    The <code>cmdport</code> option in <code>/etc/chrony.conf</code> can be set to <code>0</code> to stop chrony daemon from listening on the UDP port ...
    Rule Low Severity
    Show

  • Disable rexec Service

    The <code>rexec</code> service, which is available with the <code>rsh-server</code> package and runs as a service through xinetd or separately as a...
    Rule High Severity
    Show

  • Configure Time Service Maxpoll Interval

    The <code>maxpoll</code> should be configured to <xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_time_service_set_maxpoll" use="legacy...
    Rule Medium Severity
    Show

  • Specify Additional Remote NTP Servers

    Depending on specific functional requirements of a concrete production environment, the Red Hat Enterprise Linux 10 system can be configured to uti...
    Rule Medium Severity
    Show

  • Ensure that chronyd is running under chrony user account

    chrony is a daemon which implements the Network Time Protocol (NTP). It is designed to synchronize system clocks across a variety of systems and us...
    Rule Medium Severity
    Show

  • Ensure Chrony is only configured with the server directive

    Check that Chrony only has time sources configured with the server directive.
    Rule Medium Severity
    Show

  • Verify Group Who Owns /etc/chrony.keys File

    To properly set the group owner of /etc/chrony.keys, run the command: 
    $ sudo chgrp chrony /etc/chrony.keys
    Rule Medium Severity
    Show

  • Verify User Who Owns /etc/chrony.keys File

    To properly set the owner of /etc/chrony.keys, run the command: 
    $ sudo chown root /etc/chrony.keys
    Rule Medium Severity
    Show

  • Verify Permissions On /etc/chrony.keys File

    To properly set the permissions of /etc/chrony.keys, run the command: 
    $ sudo chmod 0640 /etc/chrony.keys
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules