STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Red Hat Enterprise Linux 10 Security Technical Implementation Guide

V-281275

CAT I (High)

RHEL 10 must not allow unattended or automatic login via the graphical user interface.

Rule ID

SV-281275r1166777_rule

STIG

Red Hat Enterprise Linux 10 Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000213

Discussion

Failure to restrict system access to authenticated users negatively impacts operating system security.

Check Content

Note: This requirement assumes the use of the RHEL 10 default graphical user interface, the GNOME desktop environment. If the system does not have any graphical user interface installed, this requirement is not applicable.

Verify RHEL 10 does not allow an unattended or automatic login to the system via a graphical user interface.

Check for the value of the "AutomaticLoginEnable" in the "/etc/gdm/custom.conf" file with the following command:

$  grep -i automaticlogin /etc/gdm/custom.conf
AutomaticLoginEnable=false

If the value of "AutomaticLoginEnable" is not set to "false", this is a finding.

Fix Text

Configure RHEL 10 so that the GNOME desktop display manager disables automatic login.

Update the "/etc/gdm/custom.conf" file to disable automatic login to the GNOME desktop:

$ sudo vi /etc/gdm/custom.conf

[daemon]
AutomaticLoginEnable=false