SLEM-05-411050 - SLEM 5 must never automatically remove or disable emergency administrator accounts.

Information

Emergency administrator accounts, also known as "last resort" or "break glass" accounts, are local logon accounts enabled on the system for emergency use by authorized system administrators to manage a system when standard logon methods are failing or not available. Emergency accounts are not subject to manual removal or scheduled expiration requirements.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Configure SLEM 5 to never automatically remove or disable emergency administrator accounts.

> sudo chage -I -1 -M 99999 <emergency_administrator_account_name>
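
An added example (not part of the STIG or the Nessus check) showing one way to verify the result of the command above. It reads one shadow(5)-format line and reports any maximum password age, inactivity period, or account expiration date that would automatically disable the account. The function name, the account name "breakglass" and the sample lines are constructed for illustration; treating an empty maximum-age field as compliant is an assumption based on shadow(5).

```shell
#!/bin/sh
# Field layout per shadow(5):
#   name:hash:lastchg:min:max:warn:inactive:expire:reserved

# check_shadow_entry LINE
# Prints one finding per offending field; returns 0 if compliant, 1 if not.
check_shadow_entry() {
    # IFS=: with read keeps empty fields and does not glob a '*' hash.
    IFS=: read -r name _hash _last _min max _warn inactive expire _rest <<EOF
$1
EOF
    rc=0
    # -M 99999 writes 99999; an empty field also means no maximum age.
    case $max in
        ''|99999) ;;
        *) echo "finding: $name: max password age is $max days"; rc=1 ;;
    esac
    # -I -1 clears the inactivity field; any value left there locks the
    # account that many days after the password expires.
    if [ -n "$inactive" ]; then
        echo "finding: $name: inactivity period is $inactive days"; rc=1
    fi
    # A set expiration date (days since 1970-01-01) disables the account.
    if [ -n "$expire" ]; then
        echo "finding: $name: account expires on day $expire"; rc=1
    fi
    return $rc
}

# Constructed sample lines (hash values are placeholders, not real hashes).
SAMPLE_OK='breakglass:$6$constructed$placeholder:19700:0:99999:7:::'
SAMPLE_BAD='breakglass:$6$constructed$placeholder:19700:0:60:7:35:20000:'

if check_shadow_entry "$SAMPLE_OK"; then
    echo "compliant: sample 1"
fi
check_shadow_entry "$SAMPLE_BAD" || echo "not compliant: sample 2"
```

On a live system the line to check can be obtained with `sudo getent shadow <emergency_administrator_account_name>`.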

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SLEM_5_V1R4_STIG.zip