← Back to SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide

V-261390

CAT II (Medium)

SLEM 5 must employ a password history file.

Rule ID

SV-261390r996595_rule

STIG

SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide

Version

V1R4

CCIs

CCI-000200

Discussion

Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the end result is a password that is not changed as per policy requirements.

Check Content

Verify the password history file exists on SLEM 5 with the following command:

     > ls -al /etc/security/opasswd
     -rw------- 1 root root 82 Dec 7 19:41 /etc/security/opasswd

If the "/etc/security/opasswd" file does not exist, this is a finding.

Fix Text

Configure SLEM 5 to create the password history file with the following commands:

Create the file:
     > sudo touch /etc/security/opasswd

Set ownership permissions:
     > sudo chown root:root /etc/security/opasswd

Set access permissions:
     > sudo chmod 0600 /etc/security/opasswd