STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:SV-215223r508663_rule
V-215223
SRG-OS-000076-GPOS-00044
AIX7-00-001126
CAT II
10
From the command prompt, run the following command to set "maxage=8" (56 days) for the default stanza in "/etc/security/user":
# chsec -f /etc/security/user -s default -a maxage=8
For each user who has "maxage" value great than "8", set its "maxage" to "8" by running the following command from command prompt:
# chsec -f /etc/security/user -s [user_name] -a maxage=8
From the command prompt, run the following command to check the system default "maxage" attribute value:
# lssec -f /etc/security/user -s default -a maxage
default maxage=8
If the default "maxage" value is not set, or its value is great than "8", or its value is set to "0", this is a finding.
From the command prompt, run the following command to check "maxage" attribute value for all accounts:
# lsuser -a maxage ALL
root maxage=8
user1 maxage=8
user2 maxage=8
If any user does not have "maxage" set, or its "maxage" value is greater than "8", or its value is set to "0", this is a finding.
V-215223
False
AIX7-00-001126
From the command prompt, run the following command to check the system default "maxage" attribute value:
# lssec -f /etc/security/user -s default -a maxage
default maxage=8
If the default "maxage" value is not set, or its value is great than "8", or its value is set to "0", this is a finding.
From the command prompt, run the following command to check "maxage" attribute value for all accounts:
# lsuser -a maxage ALL
root maxage=8
user1 maxage=8
user2 maxage=8
If any user does not have "maxage" set, or its "maxage" value is greater than "8", or its value is set to "0", this is a finding.
M
4012