Skip to content
Log In

Guide to the Secure Configuration of Ubuntu 16.04

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Enable systemd_timesyncd Service

    The systemd_timesyncd service can be enabled with the following command: 
    $ sudo systemctl enable systemd_timesyncd.service
    Rule High Severity
    Show

  • Ensure Chrony is only configured with the server directive

    Check that Chrony only has time sources configured with the server directive.
    Rule Medium Severity
    Show

  • A remote time server for Chrony is configured

    <code>Chrony</code> is a daemon which implements the Network Time Protocol (NTP). It is designed to synchronize system clocks across a variety of systems and use a source that is highly accurate. M...
    Rule Medium Severity
    Show

  • Rlogin, Rsh, and Rexec

    The Berkeley r-commands are legacy services which allow cleartext remote access and have an insecure trust model.
    Group
    Show

  • SSH RekeyLimit - size

    Specify the size component of the rekey limit.
    Value
    Show

  • SSH RekeyLimit - size

    Specify the size component of the rekey limit.
    Value
    Show

  • SSH Compression Setting

    Specify the compression setting for SSH connections.
    Value
    Show

  • SSH Server

    The SSH protocol is recommended for remote login and remote file transfer. SSH provides confidentiality and integrity for data exchanged between two systems, as well as server authentication, throu...
    Group
    Show

  • SSH session Idle time

    Specify duration of allowed idle time.
    Value
    Show

  • SSH Max authentication attempts

    Specify the maximum number of authentication attempts per connection.
    Value
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules