UCF STIG Viewer Logo

The IBM Aspera Console private/secret cryptographic keys file must have a mode of 0600 or less permissive to prevent unauthorized read access.


Overview

Finding ID Version Rule ID IA Controls Severity
V-252573 ASP4-CS-040260 SV-252573r831498_rule Medium
Description
Private key data is used to prove that the entity presenting a public key certificate is the certificate's rightful owner. Compromise of private key data allows an adversary to impersonate the key holder.
STIG Date
IBM Aspera Platform 4.2 Security Technical Implementation Guide 2022-08-24

Details

Check Text ( C-56029r817887_chk )
Verify the /opt/aspera/console/config/secret.yml file has a mode of "0600" or less permissive with the following command:

$ sudo stat -c "%a %n" /opt/aspera/console/config/secret.yml

600 /opt/aspera/console/config/secret.yml

If the resulting mode is more permissive than "0600", this is a finding.
Fix Text (F-55979r817888_fix)
Configure the /opt/aspera/console/config/secret.yml file to have a mode of "0600" or less permissive with the following command:

$ sudo chmod 0600 /opt/aspera/console/config/secret.yml