RHEL STIG V-71949 keeps being reported as failed on scans

Because Amazon does not set a password on Linux images, and requires users to use an SSH key to authenticate to deployed instances, we can NOT enable password-based re-authentication for Sudo sessions out of the box. You can, however, enable this on your own by following these steps:

  1. Set a password for the ec2-user account. It is recommended to use the passwd command as ec2-user, to ensure password expiration rules are enforced.

  2. Run the command "sudo su -" to become root.

  3. Run "sudoedit" to edit the /etc/sudoers file.

  4. Find the lines that contain "NOPASSWD: ALL" within this file

  5. Remove the keyword "NOPASSWD" and the trailing colon

  6. Save the file (the vi command "ZZ" will do this)

  7. DO NOT LEAVE YOUR ROOT SESSION.

  8. Open a new terminal window, and login to your server as ec2-user

  9. Try running "sudo su -"

  10. Confirm that you are prompted for your password.

Once these steps are completed, your system will be compliant with V-71949.


Queste informazioni sono state utili?