STIGQter STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

The SUSE operating system must be configured to create or update passwords with a minimum lifetime of 24 hours (one day).

DISA Rule

SV-234889r622137_rule

Vulnerability Number

V-234889

Group Title

SRG-OS-000075-GPOS-00043

Rule Version

SLES-15-020200

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the SUSE operating system to enforce 24 hours/one day or greater as the minimum password age.

Edit the file "/etc/login.defs" and add or correct the following line. Replace [DAYS] with the appropriate amount of days:

PASS_MIN_DAYS [DAYS]

The DoD requirement is "1" but a greater value is acceptable.

Check Contents

Verify the SUSE operating system creates or updates passwords with minimum password age of one day or greater.

To check that the SUSE operating system enforces 24 hours/one day as the minimum password age, run the following command:

> grep '^PASS_MIN_DAYS' /etc/login.defs

PASS_MIN_DAYS 1

If no output is produced, or if "PASS_MIN_DAYS" does not have a value of "1" or greater, this is a finding.

Vulnerability Number

V-234889

Documentable

False

Rule Version

SLES-15-020200

Severity Override Guidance

Verify the SUSE operating system creates or updates passwords with minimum password age of one day or greater.

To check that the SUSE operating system enforces 24 hours/one day as the minimum password age, run the following command:

> grep '^PASS_MIN_DAYS' /etc/login.defs

PASS_MIN_DAYS 1

If no output is produced, or if "PASS_MIN_DAYS" does not have a value of "1" or greater, this is a finding.

Check Content Reference

M

Target Key

5274

Comments