UCF STIG Viewer Logo

The system must prevent the root account from directly logging in except from the system console.


Overview

Finding ID Version Rule ID IA Controls Severity
V-778 GEN000980 SV-64389r1_rule Medium
Description
Limiting the root account direct logins to only system consoles protects the root account from direct unauthorized access from a non-console device.
STIG Date
Oracle Linux 5 Security Technical Implementation Guide 2020-02-25

Details

Check Text ( C-52789r1_chk )
Check /etc/securetty
# more /etc/securetty
If the file does not exist, or contains more than "console" or a single "tty" device this is a finding.
Fix Text (F-54971r1_fix)
Create if needed and set the contents of /etc/securetty to a "console" or "tty" device.
# echo console > /etc/securetty
or
# echo tty1 > /etc/securetty