AIX7-00-001025 - AIX must configure the ttys value for all interactive users - ALL users

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

A user's 'ttys' attribute controls from which device(s) the user can authenticate and log in. If the 'ttys' attribute is not specified, all terminals can access the user account.

Solution

From the command prompt, run the following command to set 'ttys=ALL' for the default stanza in '/etc/security/user':
# chsec -f /etc/security/user -s default -a ttys=ALL

Run the following command to recheck 'ttys' values for all users:
# lsuser -a ttys ALL

For each interactive user who does not have 'ttys=ALL', set the value of 'ttys' to 'ALL' by running the following command from command prompt:
# chsec -f /etc/security/user -s [user_name] -a ttys=ALL

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_AIX_7-x_V2R5_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000778, Rule-ID|SV-215186r538429_rule, STIG-ID|AIX7-00-001025, STIG-Legacy|SV-102347, STIG-Legacy|V-92245, Vuln-ID|V-215186

Plugin: Unix

Control ID: 4e8345751002646cf92304b535bc79a825ab746d1445899deeab864603c8e3ab