Skip to content

Guide to the Secure Configuration of Red Hat Enterprise Linux 7

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Enable the SSSD Service

    The SSSD service should be enabled. The <code>sssd</code> service can be enabled with the following command: <pre>$ sudo systemctl enable sssd.ser...
    Rule Medium Severity
  • Configure PAM in SSSD Services

    SSSD should be configured to run SSSD <code>pam</code> services. To configure SSSD to known SSH hosts, add <code>pam</code> to <code>services</code...
    Rule Medium Severity
  • Enable Smartcards in SSSD

    SSSD should be configured to authenticate access to the system using smart cards. To enable smart cards in SSSD, set <code>pam_cert_auth</code> to ...
    Rule Medium Severity
  • Configure SSSD's Memory Cache to Expire

    SSSD's memory cache should be configured to set to expire records after <code><xccdf-1.2:sub idref="xccdf_org.ssgproject.content_value_var_sssd_mem...
    Rule Medium Severity
  • Configure SSSD to Expire Offline Credentials

    SSSD should be configured to expire offline credentials after 1 day. To configure SSSD to expire offline credentials, set <code>offline_credential...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules