
V-22500

CAT II (Medium)

Samba must be configured to use encrypted passwords.

Rule ID

SV-46281r1_rule

STIG

SUSE Linux Enterprise Server v11 for System z Security Technical Implementation Guide

Version

V1R12

CCIs

CCI-000366

Discussion

Samba must be configured to protect authenticators. If Samba passwords are not encrypted for storage, plain-text user passwords may be read by those with access to the Samba password file.

Check Content

If the "samba-common" package is not installed, this is not applicable.

Check the encryption setting of Samba.
# grep -i 'encrypt passwords' /etc/samba/smb.conf 
If the setting is not present, or not set to 'yes', this is a finding.

Fix Text

Edit the "/etc/samba/smb.conf" file and change the "encrypt passwords" setting to "yes".
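
The grep in Check Content also matches commented-out lines, so its output still has to be read by a person. The following is an added example, not part of the STIG text: a shell function that applies the same pass/finding rule to uncommented settings only, and can be re-run after the fix. The function name and the sample file contents are constructed for illustration, and it assumes that when the parameter is repeated the last assignment applies.

```shell
#!/bin/sh
# Added example: stricter form of the STIG check for "encrypt passwords".
# Prints "pass" or "finding: <reason>"; returns 0 for pass, 1 for a finding.
# Run it only where the "samba-common" package is installed (otherwise N/A).
check_encrypt_passwords() {
    conf="$1"
    [ -r "$conf" ] || { echo "finding: cannot read $conf"; return 1; }
    # Skip comment lines (# or ;), match the parameter name case-insensitively
    # with flexible whitespace, and keep the last value seen.
    # Assumption: when the parameter is repeated, the last assignment applies.
    value=$(awk '
        /^[ \t]*[#;]/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            name = tolower(substr($0, 1, eq - 1))
            gsub(/[ \t]+/, " ", name)
            sub(/^ /, "", name); sub(/ $/, "", name)
            if (name != "encrypt passwords") next
            val = tolower(substr($0, eq + 1))
            gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            last = val; found = 1
        }
        END { if (found) print last; else print "__absent__" }
    ' "$conf")
    case "$value" in
        yes)        echo "pass"; return 0 ;;
        __absent__) echo "finding: setting not present"; return 1 ;;
        *)          echo "finding: set to '$value'"; return 1 ;;
    esac
}

# Constructed sample: the only match is commented out, so the grep would
# print a line even though the setting is effectively absent.
sample=$(mktemp)
printf '[global]\n   workgroup = EXAMPLE\n;  encrypt passwords = yes\n' > "$sample"
check_encrypt_passwords "$sample" || true
rm -f "$sample"
```

On a real system, call `check_encrypt_passwords /etc/samba/smb.conf` as root.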