Skip to content

Configure the tmux lock session key binding

An XCCDF Rule

Description

To set a key binding for the screen locking in tmux terminal multiplexer, the session-lock command must be bound to a key. Add the following line to /etc/tmux.conf:

bind X lock-session
. The console can now be locked with the following key combination:
Ctrl+b Shift+x

Rationale

The tmux package allows for a session lock to be implemented and configured. However, the session lock is implemented by an external command. The tmux default configuration does not contain an effective session lock.

ID
xccdf_org.ssgproject.content_rule_configure_tmux_lock_keybinding
Severity
Low
References
Updated



Remediation - Shell Script

# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && { rpm --quiet -q tmux; }; then

tmux_conf="/etc/tmux.conf"

if ! grep -qP '^\s*bind\s+\w\s+lock-session' "$tmux_conf" ; then

Remediation - Ansible

- name: Gather the package facts
  package_facts:
    manager: auto
  tags:
  - DISA-STIG-RHEL-08-020040
  - configure_strategy