Detections
Analytics
RHEL-10-701280 - RHEL 10 must map the authenticated identity to the user or group account for public key infrastructure (PKI)-based authentication.
Information
Without mapping the certificate used to authenticate to the user account, the ability to determine the identity of the individual user or group will not be available for forensic analysis.Solution
Configure RHEL 10 to map the authenticated identity to the user or group account by adding or modifying the certmap section of the "/etc/sssd/sssd.conf" file based on the following example:[certmap/testing.test/rule_name]
matchrule = .*EDIPI@mil
maprule = (userCertificate;binary={cert!bin})
domains = testing.test
Restart the "sssd" service with the following command for the changes to take effect:
$ sudo systemctl restart sssd.service
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_10_V1R1_STIG.zip
Item Details
Audit Name: DISA Red Hat Enterprise Linux 10 STIG v1r1
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-5(2)(c), CAT|II, CCI|CCI-000187, Rule-ID|SV-281330r1167140_rule, STIG-ID|RHEL-10-701280, Vuln-ID|V-281330
Plugin: Unix
Control ID: 38afdbe1baadd28fa3a8b8c310eefaaee4290641e66a3f70ba0fbb7244b5a120