Guide to the Secure Configuration of Red Hat Enterprise Linux 7
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Set Existing Passwords Minimum Age
Configure non-compliant accounts to enforce a 24 hours/1 day minimum password lifetime by running the following command: <pre>$ sudo chage -m 1 <i>...Rule Medium Severity -
Set Existing Passwords Warning Age
To configure how many days prior to password expiration that a warning will be issued to users, run the command: <pre>$ sudo chage --warndays <xccd...Rule Medium Severity -
Set Password Warning Age
To specify how many days prior to password expiration that a warning will be issued to users, edit the file <code>/etc/login.defs</code> and add or...Rule Medium Severity -
Restrict Serial Port Root Logins
To restrict root logins on serial ports, ensure lines of this form do not appear in/etc/securetty:ttyS0 ttyS1
Rule Medium Severity -
Verify Proper Storage and Existence of Password Hashes
By default, password hashes for local accounts are stored in the second field (colon-separated) in <code>/etc/shadow</code>. This file should be re...Group -
Password Hashing algorithm
Specify the number of SHA rounds for the system password encryption algorithm. Defines the value set in <code>/etc/pam.d/system-auth</code> and <co...Value -
Verify All Account Password Hashes are Shadowed
If any password hashes are stored in <code>/etc/passwd</code> (in the second field, instead of an <code>x</code> or <code>*</code>), the cause of t...Rule Medium Severity -
Ensure all users last password change date is in the past
All users should have a password change date in the past.Rule Medium Severity -
Set number of Password Hashing Rounds - password-auth
Configure the number or rounds for the password hashing algorithm. This can be accomplished by using the <code>rounds</code> option for the <code>p...Rule Medium Severity -
Set number of Password Hashing Rounds - system-auth
Configure the number or rounds for the password hashing algorithm. This can be accomplished by using the <code>rounds</code> option for the <code>p...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules