Skip to content

CIS Red Hat Enterprise Linux 9 Benchmark for Level 1 - Server

Rules and Groups employed by this XCCDF Profile

  • Set Password Quality Requirements

    The default <code>pam_pwquality</code> PAM module provides strength checking for passwords. It performs a number of checks, such as making sure pas...
    Group
  • Set Password Quality Requirements with pam_pwquality

    The <code>pam_pwquality</code> PAM module can be configured to meet requirements for a variety of policies. <br><br> For example, to configure <cod...
    Group
  • Ensure PAM Enforces Password Requirements - Minimum Different Categories

    The pam_pwquality module's <code>minclass</code> parameter controls requirements for usage of different character classes, or types, of character t...
    Rule Medium Severity
  • Ensure PAM Enforces Password Requirements - Minimum Length

    The pam_pwquality module's <code>minlen</code> parameter controls requirements for minimum characters required in a password. Add <code>minlen=<xcc...
    Rule Medium Severity
  • Ensure PAM Enforces Password Requirements - Authentication Retry Prompts Permitted Per-Session

    To configure the number of retry prompts that are permitted per-session: Edit the <code>/etc/security/pwquality.conf</code> to include <code>retr...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules