Detections
Analytics
RHEL-10-200621 - RHEL 10 must use the common access card (CAC) smart card driver.
Information
Smart card login provides two-factor authentication stronger than that provided by a username and password combination. Smart cards leverage public key infrastructure to provide and verify credentials. Configuring the smart card driver helps to prevent the use of unauthorized smart cards.Satisfies: SRG-OS-000104-GPOS-00051, SRG-OS-000106-GPOS-00053, SRG-OS-000107-GPOS-00054, SRG-OS-000109-GPOS-00056, SRG-OS-000108-GPOS-00055
Solution
Configure RHEL 10 to load the CAC driver:$ sudo opensc-tool --set-conf-entry app:default:card_drivers:cac
Restart the pcscd service with the following command for the changes to take effect:
$ sudo systemctl restart pcscd
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_10_V1R1_STIG.zip
Item Details
Audit Name: DISA Red Hat Enterprise Linux 10 STIG v1r1
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-2, 800-53|IA-2(1), 800-53|IA-2(2), CAT|II, CCI|CCI-000764, CCI|CCI-000765, CCI|CCI-000766, CCI|CCI-004045, Rule-ID|SV-280976r1165283_rule, STIG-ID|RHEL-10-200621, Vuln-ID|V-280976
Plugin: Unix
Control ID: c1c4f947cb415602d5908b166c27c36129294adb481f5215caacdd28ff6f931c