OL6-00-000349 - The system must be configured to require the use of a CAC, PIV compliant hardware token, or Alternate Logon Token (ALT) for authentication.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Smart card login provides two-factor authentication stronger than that provided by a username/password combination. Smart cards leverage a PKI (public key infrastructure) in order to provide and verify credentials.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

To enable smart card authentication, consult the documentation at:

https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Smart_Cards/enabling-smart-card-login.html

For guidance on enabling SSH to authenticate against a Common Access Card (CAC), consult documentation at:

https://access.redhat.com/solutions/82273

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Linux_6_V2R6_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000765, Rule-ID|SV-209051r793772_rule, STIG-ID|OL6-00-000349, STIG-Legacy|SV-64845, STIG-Legacy|V-50639, Vuln-ID|V-209051

Plugin: Unix

Control ID: 3bd4ebc1a5dc51ecead42acfa445a81ea5f163f95c31f400cc6bd6b7f42933f7