STIGQter: STIG Summary: VMware vRealize Automation 7.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018: STIGQter: STIG Summary: VMware vRealize Automation 7.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:SV-100419r1_rule
V-89769
SRG-OS-000266-GPOS-00101
VRAU-SL-000925
CAT II
10
Configure the SLES for vRealize to enforce password complexity by requiring that at least one special character be used:
If "ocredit" was not set at all in /etc/pam.d/common-password-vmware.local then run the following command:
# sed -i '/pam_cracklib.so/ s/$/ ocredit=-1/' /etc/pam.d/common-password-vmware.local
If "ocredit" was set incorrectly then run the following command:
# sed -i '/pam_cracklib.so/ s/ocredit=../ocredit=-1/' /etc/pam.d/common-password-vmware.local
Verify the SLES for vRealize enforces password complexity by requiring that at least one special character be used by using the following command:
Check the password "ocredit" option:
# grep pam_cracklib.so /etc/pam.d/common-password
Confirm the "ocredit" option is set to "-1" as in the example:
password requisite pam_cracklib.so ocredit=-1
There may be other options on the line.
If no such line is found, or the "ocredit" is not "-1", this is a finding.
V-89769
False
VRAU-SL-000925
Verify the SLES for vRealize enforces password complexity by requiring that at least one special character be used by using the following command:
Check the password "ocredit" option:
# grep pam_cracklib.so /etc/pam.d/common-password
Confirm the "ocredit" option is set to "-1" as in the example:
password requisite pam_cracklib.so ocredit=-1
There may be other options on the line.
If no such line is found, or the "ocredit" is not "-1", this is a finding.
M
3459