Skip to content
ATO Pathways
  Log In

Guide to the Secure Configuration of Red Hat Enterprise Linux 10

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Specify Additional Remote NTP Servers

    Depending on specific functional requirements of a concrete production environment, the Red Hat Enterprise Linux 10 system can be configured to uti...
    Rule Medium Severity
    Show

  • Ensure that chronyd is running under chrony user account

    chrony is a daemon which implements the Network Time Protocol (NTP). It is designed to synchronize system clocks across a variety of systems and us...
    Rule Medium Severity
    Show

  • Ensure Chrony is only configured with the server directive

    Check that Chrony only has time sources configured with the server directive.
    Rule Medium Severity
    Show

  • Verify Group Who Owns /etc/chrony.keys File

    To properly set the group owner of /etc/chrony.keys, run the command: 
    $ sudo chgrp chrony /etc/chrony.keys
    Rule Medium Severity
    Show

  • Verify User Who Owns /etc/chrony.keys File

    To properly set the owner of /etc/chrony.keys, run the command: 
    $ sudo chown root /etc/chrony.keys
    Rule Medium Severity
    Show

  • Verify Permissions On /etc/chrony.keys File

    To properly set the permissions of /etc/chrony.keys, run the command: 
    $ sudo chmod 0640 /etc/chrony.keys
    Rule Medium Severity
    Show

  • Obsolete Services

    This section discusses a number of network-visible services which have historically caused problems for system security, and for which disabling or...
    Group
    Show

  • Verify Group Ownership on SSH Server Private *_key Key Files

    SSH server private keys, files that match the /etc/ssh/*_key glob, must be group-owned by root group.
    Rule Medium Severity
    Show

  • Disable rsh Service

    The <code>rsh</code> service, which is available with the <code>rsh-server</code> package and runs as a service through xinetd or separately as a s...
    Rule High Severity
    Show

  • Verify Group Ownership on SSH Server Public *.pub Key Files

    SSH server public keys, files that match the /etc/ssh/*.pub glob, must be group-owned by root group.
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules