The Red Hat Enterprise Linux operating system must not contain .shosts files.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-204606 | RHEL-07-040540 | SV-204606r603261_rule | High |
| Description |
|---|
| The .shosts files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication. |
| STIG | Date |
|---|---|
| Red Hat Enterprise Linux 7 Security Technical Implementation Guide | 2022-12-06 |
Details
| Check Text ( C-4730r89010_chk ) |
|---|
| Verify there are no ".shosts" files on the system. Check the system for the existence of these files with the following command: # find / -name '*.shosts' If any ".shosts" files are found on the system, this is a finding. |
| Fix Text (F-4730r89011_fix) |
|---|
| Remove any found ".shosts" files from the system. # rm /[path]/[to]/[file]/.shosts |