Enable Smart Card Login

An XCCDF Rule

Description

To enable smart card authentication, consult the documentation at:

For guidance on enabling SSH to authenticate against a Common Access Card (CAC), consult documentation at:

https://access.redhat.com/solutions/82273

Rationale

Smart card login provides two-factor authentication stronger than that provided by a username and password combination. Smart cards leverage PKI (public key infrastructure) in order to provide and verify credentials.

ID: xccdf_org.ssgproject.content_rule_smartcard_auth
Severity: Medium
References: 1 12 15 16 5

DSS05.04 DSS05.05 DSS05.07 DSS05.10 DSS06.03 DSS06.10

CCI-000764 CCI-000765 CCI-000766 CCI-000767 CCI-000768 CCI-000770 CCI-000771 CCI-000772 CCI-000884

4.3.3.2.2 4.3.3.5.1 4.3.3.5.2 4.3.3.6.1 4.3.3.6.2 4.3.3.6.3 4.3.3.6.4 4.3.3.6.5 4.3.3.6.6 4.3.3.6.7 4.3.3.6.8 4.3.3.6.9 4.3.3.7.2 4.3.3.7.4

SR 1.1 SR 1.10 SR 1.2 SR 1.3 SR 1.4 SR 1.5 SR 1.7 SR 1.8 SR 1.9 SR 2.1

A.18.1.4 A.7.1.1 A.9.2.1 A.9.2.2 A.9.2.3 A.9.2.4 A.9.2.6 A.9.3.1 A.9.4.2 A.9.4.3

CM-6(a) IA-2(1) IA-2(11) IA-2(2) IA-2(3) IA-2(4) IA-2(6) IA-2(7)

PR.AC-1 PR.AC-6 PR.AC-7

Req-8.3

SRG-OS-000104-GPOS-00051 SRG-OS-000106-GPOS-00053 SRG-OS-000107-GPOS-00054 SRG-OS-000108-GPOS-00055 SRG-OS-000108-GPOS-00057 SRG-OS-000108-GPOS-00058 SRG-OS-000109-GPOS-00056 SRG-OS-000376-GPOS-00161 SRG-OS-000377-GPOS-00162
Updated: about 1 year ago