RHEL 9 must not allow unattended or automatic logon via the graphical user interface.

An XCCDF Rule

Description

Failure to restrict system access to authenticated users negatively impacts operating system security.

ID: SV-258018r1045090_rule
Version: RHEL-09-271040
Severity: High
References: CCI-000366
Updated: about 2 months ago

Remediation Templates

Configure the GNOME desktop display manager to disable automatic login.

Set AutomaticLoginEnable to false in the [daemon] section in /etc/gdm/custom.conf. For example:

[daemon]
AutomaticLoginEnable=false