DISA STIG for SUSE Linux Enterprise Micro (SLEM) 5
Rules and Groups employed by this XCCDF Profile
-
Ensure PAM Displays Last Logon/Access Notification
To configure the system to notify users of last logon/access using <code>pam_lastlog</code>, add or correct the <code>pam_lastlog</code> settings i...Rule Low Severity -
The PAM configuration should not be changed automatically
Verify the SUSE operating system is configured to not overwrite Pluggable Authentication Modules (PAM) configuration on package changes.Rule Medium Severity -
Limit Password Reuse
Do not allow users to reuse recent passwords. This can be accomplished by using the <code>remember</code> option for the <code>pam_pwhistory</code>...Rule Medium Severity -
Set Deny For Failed Password Attempts
The SUSE Linux Enterprise Micro 5 operating system must lock an account after - at most - <xccdf-1.2:sub xmlns:xccdf-1.2="http://checklists.nist.go...Rule Medium Severity -
Set Password Quality Requirements
The default <code>pam_pwquality</code> PAM module provides strength checking for passwords. It performs a number of checks, such as making sure pas...Group -
Set Password Quality Requirements, if using pam_cracklib
The <code>pam_cracklib</code> PAM module can be configured to meet requirements for a variety of policies. <br> <br> For example, to confi...Group -
Set Password Strength Minimum Digit Characters
The pam_cracklib module's <code>dcredit</code> parameter controls requirements for usage of digits in a password. When set to a negative number, an...Rule Medium Severity -
Set Password Strength Minimum Different Characters
The pam_cracklib module's <code>difok</code> parameter controls requirements for usage of different characters during a password change. The number...Rule Medium Severity -
Set Password Strength Minimum Lowercase Characters
The pam_cracklib module's <code>lcredit=</code> parameter controls requirements for usage of lowercase letters in a password. When set to a negativ...Rule Medium Severity -
Set Password Minimum Length
The pam_cracklib module's <code>minlen</code> parameter controls requirements for minimum characters required in a password. Add <code>minlen=<xccd...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules