Skip to content
Log In

ANSSI-BP-028 (high)

Rules and Groups employed by this XCCDF Profile

  • Verify Permissions On /etc/chrony.keys File

    To properly set the permissions of /etc/chrony.keys, run the command: 
    $ sudo chmod 0640 /etc/chrony.keys
    Rule Medium Severity
    Show

  • Install the SSSD Package

    The sssd package should be installed. The sssd package can be installed with the following command: 
    $ sudo yum install sssd
    Rule Medium Severity
    Show

  • Enable the SSSD Service

    The SSSD service should be enabled. The sssd service can be enabled with the following command: 
    $ sudo systemctl enable sssd.service
    Rule Medium Severity
    Show

  • Configure PAM in SSSD Services

    SSSD should be configured to run SSSD <code>pam</code> services. To configure SSSD to known SSH hosts, add <code>pam</code> to <code>services</code> under the <code>[sssd]</code> section in <code>/...
    Rule Medium Severity
    Show

  • Configure SSSD LDAP Backend Client to Demand a Valid Certificate from the Server

    Configure SSSD to demand a valid certificate from the server to protect the integrity of LDAP remote access sessions by setting the <pre>ldap_tls_reqcert</pre> option in <pre>/etc/sssd/sssd.conf</p...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules