Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Ubuntu operating system sessions must be automatically logged out after 15 minutes of inactivity.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-214945 | UBTU-16-010060 | SV-214945r610931_rule | Medium |
| Description |
|---|
| An Ubuntu operating system needs to be able to identify when a user's sessions has idled for longer than 15 minutes. The Ubuntu operating system must logout a users' session after 15 minutes to prevent anyone from gaining access to the machine while the user is away. |
| STIG | Date |
|---|---|
| Canonical Ubuntu 16.04 LTS Security Technical Implementation Guide | 2020-12-09 |
Details
| Check Text ( C-16144r284703_chk ) |
|---|
| Verify the Ubuntu operating system initiates a session logout after a "15" minutes of inactivity. Check that the proper auto logout script exists with the following command: # cat /etc/profile.d/autologout.sh TMOUT=900 readonly TMOUT export TMOUT If the file "/etc/profile.d/autologout.sh" does not exist, the timeout values are commented out, the output from the function call are not the same, this is a finding. |
| Fix Text (F-16142r284704_fix) |
|---|
| Configure the Ubuntu operating system to initiate a session logout after a "15" minutes of inactivity. Create a file to contain the system-wide session auto logout script (if it does not already exist) with the following command: # sudo touch /etc/profile.d/autologout.sh Add the following lines to the "/etc/profile.d/autologout.sh" script: TMOUT=900 readonly TMOUT export TMOUT |