SLEM-05-631015 - SLEM 5 must configure the Linux Pluggable Authentication Modules (PAM) to prohibit the use of cached offline authentications after one day.

Information

If cached authentication information is out of date, the validity of the authentication information may be questionable.

Solution

Configure SLEM 5 PAM to prohibit the use of cached authentications after one day.

Add or modify the following line in the "/etc/sssd/sssd.conf" file, below the line "[pam]":

offline_credentials_expiration = 1

Item Details

Audit Name: DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4

Category: IDENTIFICATION AND AUTHENTICATION

Plugin: Unix

Control ID: ecf53c5ee0a096120f45dce8dca97169bd2f24465b45a555db94694c1eaaa998

Detections

Analytics

SLEM-05-631015 - SLEM 5 must configure the Linux Pluggable Authentication Modules (PAM) to prohibit the use of cached offline authentications after one day.

Information

Solution

See Also

Item Details