Skip to content

Guide to the Secure Configuration of Red Hat Enterprise Linux 8

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Password Hashing algorithm

    Specify the number of SHA rounds for the system password encryption algorithm. Defines the value set in <code>/etc/pam.d/system-auth</code> and <co...
    Value
  • Verify All Account Password Hashes are Shadowed

    If any password hashes are stored in <code>/etc/passwd</code> (in the second field, instead of an <code>x</code> or <code>*</code>), the cause of t...
    Rule Medium Severity
  • Verify All Account Password Hashes are Shadowed with SHA512

    Verify the operating system requires the shadow password suite configuration be set to encrypt interactive user passwords using a strong cryptograp...
    Rule Medium Severity
  • Ensure all users last password change date is in the past

    All users should have a password change date in the past.
    Rule Medium Severity
  • Set number of Password Hashing Rounds - password-auth

    Configure the number or rounds for the password hashing algorithm. This can be accomplished by using the <code>rounds</code> option for the <code>p...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules