Detections
Analytics
UBTU-22-631015 - Ubuntu 22.04 LTS must be configured such that Pluggable Authentication Module (PAM) prohibits the use of cached authentications after one day.
Information
If cached authentication information is out-of-date, the validity of the authentication information may be questionable.Solution
Configure PAM to prohibit the use of cached authentications after one day.Add or modify the following line in the "/etc/sssd/sssd.conf" file, just below the line "[pam]":
offline_credentials_expiration = 1
Note: It is valid for this configuration to be in a file with a name that ends with ".conf" and does not begin with a "." in the "/etc/sssd/conf.d/" directory instead of the "/etc/sssd/sssd.conf" file.
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CAN_Ubuntu_22-04_LTS_V2R7_STIG.zip
Item Details
Audit Name: DISA Canonical Ubuntu 22.04 LTS STIG v2r7
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5(13), CAT|III, CCI|CCI-002007, Rule-ID|SV-260581r1155206_rule, STIG-ID|UBTU-22-631015, Vuln-ID|V-260581
Plugin: Unix
Control ID: b0f620fd603161952b931eebd65a26b20696326d6188980bb7cb9369457ad138