STIGQter STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:

The Ubuntu operating system must synchronize internal information system clocks to the authoritative time source when the time difference is greater than one second.

DISA Rule

SV-238357r654246_rule

Vulnerability Number

V-238357

Group Title

SRG-OS-000356-GPOS-00144

Rule Version

UBTU-20-010436

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure chrony to synchronize the internal system clocks to the authoritative source when the time difference is greater than one second by doing the following:

Edit the "/etc/chrony/chrony.conf" file and add:

makestep 1 -1

Restart the chrony service:

$ sudo systemctl restart chrony.service

Check Contents

Verify the operating system synchronizes internal system clocks to the authoritative time source when the time difference is greater than one second.

Check the value of "makestep" by running the following command:

$ sudo grep makestep /etc/chrony/chrony.conf

makestep 1 -1

If the makestep option is commented out or is not set to "1 -1", this is a finding.

Vulnerability Number

V-238357

Documentable

False

Rule Version

UBTU-20-010436

Severity Override Guidance

Verify the operating system synchronizes internal system clocks to the authoritative time source when the time difference is greater than one second.

Check the value of "makestep" by running the following command:

$ sudo grep makestep /etc/chrony/chrony.conf

makestep 1 -1

If the makestep option is commented out or is not set to "1 -1", this is a finding.

Check Content Reference

M

Target Key

5318

Comments