Passed
Failed
Other
| Rule ID | Result | Severity | Message |
|---|---|---|---|
accounts_password_pam_unix_enabled |
PASS | MEDIUM | - |
accounts_root_gid_zero |
PASS | LOW | - |
accounts_umask_etc_bashrc |
FAIL | MEDIUM | Check failed: accounts_umask_etc_bashrc |
accounts_umask_etc_login_defs |
PASS | HIGH | - |
accounts_umask_etc_profile |
FAIL | HIGH | Check failed: accounts_umask_etc_profile |
accounts_umask_root |
PASS | LOW | - |
ensure_pam_wheel_group_empty |
FAIL | HIGH | Check failed: ensure_pam_wheel_group_empty |
ensure_root_access_controlled |
PASS | MEDIUM | - |
file_groupowner_sshd_config |
PASS | MEDIUM | - |
file_owner_sshd_config |
PASS | MEDIUM | - |
file_permissions_sshd_config |
PASS | HIGH | - |
file_permissions_sshd_private_key |
FAIL | LOW | Check failed: file_permissions_sshd_private_key |
file_permissions_sshd_pub_key |
PASS | HIGH | - |
groups_no_zero_gid_except_root |
PASS | MEDIUM | - |
no_invalid_shell_accounts_unlocked |
FAIL | LOW | Check failed: no_invalid_shell_accounts_unlocked |
no_shelllogin_for_systemaccounts |
PASS | MEDIUM | - |
sshd_limit_user_access |
PASS | LOW | - |
use_pam_wheel_group_for_su |
PASS | LOW | - |
sshd_use_strong_ciphers |
PASS | LOW | - |
sshd_use_strong_kex |
PASS | HIGH | - |
sshd_use_strong_macs |
PASS | LOW | - |
accounts_password_pam_pwhistory_use_authtok |
PASS | LOW | - |
accounts_password_pam_unix_authtok |
PASS | HIGH | - |
set_password_hashing_algorithm_logindefs |
PASS | LOW | - |
set_password_hashing_algorithm_systemauth |
FAIL | LOW | Check failed: set_password_hashing_algorithm_systemauth |
account_disable_post_pw_expiration |
PASS | MEDIUM | - |
accounts_maximum_age_login_defs |
PASS | HIGH | - |
accounts_minimum_age_login_defs |
PASS | MEDIUM | - |
accounts_password_last_change_is_in_past |
PASS | LOW | - |
accounts_password_pam_dcredit |
PASS | HIGH | - |
accounts_password_pam_dictcheck |
PASS | MEDIUM | - |
accounts_password_pam_difok |
FAIL | LOW | Check failed: accounts_password_pam_difok |
accounts_password_pam_enforce_root |
PASS | LOW | - |
accounts_password_pam_enforcing |
PASS | LOW | - |
accounts_password_pam_lcredit |
PASS | MEDIUM | - |
accounts_password_pam_maxrepeat |
PASS | LOW | - |
accounts_password_pam_maxsequence |
PASS | LOW | - |
accounts_password_pam_minclass |
PASS | LOW | - |
accounts_password_pam_minlen |
PASS | LOW | - |
accounts_password_pam_ocredit |
FAIL | MEDIUM | Check failed: accounts_password_pam_ocredit |
accounts_password_pam_pwhistory_enabled |
PASS | MEDIUM | - |
accounts_password_pam_pwhistory_enforce_root |
PASS | HIGH | - |
accounts_password_pam_pwhistory_remember |
PASS | HIGH | - |
accounts_password_pam_pwquality_enabled |
PASS | HIGH | - |
accounts_password_pam_ucredit |
PASS | MEDIUM | - |
accounts_password_pam_unix_no_remember |
PASS | LOW | - |
accounts_password_set_max_life_existing |
PASS | HIGH | - |
accounts_password_set_min_life_existing |
FAIL | HIGH | Check failed: accounts_password_set_min_life_existing |
no_empty_passwords_unix |
PASS | MEDIUM | - |
sshd_disable_empty_passwords |
PASS | HIGH | - |
sshd_disable_gssapi_auth |
PASS | MEDIUM | - |
sshd_disable_rhosts |
PASS | LOW | - |
sshd_enable_pam |
PASS | HIGH | - |
accounts_password_warn_age_login_defs |
PASS | MEDIUM | - |
sshd_disable_forwarding |
FAIL | MEDIUM | Check failed: sshd_disable_forwarding |
accounts_tmout |
FAIL | LOW | Check failed: accounts_tmout |
package_sudo_installed |
PASS | LOW | - |
sshd_disable_root_login |
PASS | LOW | - |
sudo_add_use_pty |
PASS | HIGH | - |
sudo_remove_no_authenticate |
PASS | HIGH | - |
sudo_require_authentication |
PASS | LOW | - |
sudo_require_reauthentication |
PASS | MEDIUM | - |
accounts_passwords_pam_faillock_deny |
PASS | MEDIUM | - |
accounts_passwords_pam_faillock_enabled |
FAIL | HIGH | Check failed: accounts_passwords_pam_faillock_enabled |
accounts_passwords_pam_faillock_root_unlock_time |
PASS | HIGH | - |
accounts_passwords_pam_faillock_unlock_time |
FAIL | MEDIUM | Check failed: accounts_passwords_pam_faillock_unlock_time |
sshd_set_loglevel_info |
FAIL | LOW | Check failed: sshd_set_loglevel_info |
sshd_set_max_auth_tries |
PASS | MEDIUM | - |
sudo_custom_logfile |
FAIL | HIGH | Check failed: sudo_custom_logfile |
account_automated_provisioning_enabled |
FAIL | MEDIUM | Check failed: account_automated_provisioning_enabled |
account_temporary_expiration_configured |
PASS | LOW | - |
account_disable_inactive_accounts |
PASS | MEDIUM | - |
sudo_security_function_authorization |
FAIL | MEDIUM | Check failed: sudo_security_function_authorization |
service_nonprivileged_user_execution |
PASS | MEDIUM | - |
screen_lock_timeout_configured |
PASS | HIGH | - |
screen_lock_pattern_hiding_enabled |
PASS | MEDIUM | - |
sshd_logging_enabled |
PASS | HIGH | - |
auditd_extended_information_enabled |
FAIL | LOW | Check failed: auditd_extended_information_enabled |
log_analysis_tool_configured |
PASS | LOW | - |
change_control_documentation_required |
PASS | MEDIUM | - |
service_periodic_review_enabled |
PASS | LOW | - |
package_update_automation_configured |
PASS | HIGH | - |
intrusion_detection_tool_installed |
PASS | MEDIUM | - |
encrypted_traffic_inspection_configured |
PASS | MEDIUM | - |
privileged_command_network_restriction |
PASS | LOW | - |
concurrent_session_limit_configured |
PASS | HIGH | - |
auditd_storage_threshold_alert |
PASS | HIGH | - |
auditd_realtime_alerts_enabled |
FAIL | LOW | Check failed: auditd_realtime_alerts_enabled |
centralized_logging_configured |
PASS | HIGH | - |
audit_logs_remote_storage |
PASS | LOW | - |
audit_logs_encrypted |
FAIL | MEDIUM | Check failed: audit_logs_encrypted |
critical_action_signing_enabled |
PASS | MEDIUM | - |
time_synchronization_configured |
FAIL | LOW | Check failed: time_synchronization_configured |