If Network Security Services (NSS) is being used by the SUSE operating system it must prohibit the use of cached authentications after one day.
An XCCDF Rule
Description
If cached authentication information is out of date, the validity of the authentication information may be questionable.
- ID
- SV-217166r958828_rule
- Version
- SLES-12-010670
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure NSS, if used by the SUSE operating system, to prohibit the use of cached authentications after one day.
Add or change the following line in "/etc/sssd/sssd.conf" just below the line "[nss]":
memcache_timeout = 86400