RHEL 9 must use the common access card (CAC) smart card driver.

An XCCDF Rule

Description

<VulnDiscussion>Smart card login provides two-factor authentication stronger than that provided by a username and password combination. Smart cards leverage public key infrastructure to provide and verify credentials. Configuring the smart card driver in use by the organization helps to prevent users from using unauthorized smart cards. Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000106-GPOS-00053, SRG-OS-000107-GPOS-00054, SRG-OS-000109-GPOS-00056, SRG-OS-000108-GPOS-00055, SRG-OS-000112-GPOS-00057, SRG-OS-000113-GPOS-00058</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-258121r1015119_rule
Severity: Medium
References: CCI-000764 CCI-000765 CCI-000766 CCI-000767 CCI-000768 CCI-000770 CCI-001941 CCI-001942 CCI-004045
Updated: 17 days ago

Configure RHEL 9 to load the CAC driver.

Add or modify the following line in the "/etc/opensc.conf" file:

card_drivers = cac;

RHEL 9 must use the common access card (CAC) smart card driver.

Description

Remediation - Manual Procedure