STIGQter: STIG Summary: SLES 12 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: SLES 12 Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:SV-217133r603262_rule
V-217133
SRG-OS-000077-GPOS-00045
SLES-12-010310
CAT II
10
Configure the SUSE operating system password history to prohibit the reuse of a password for a minimum of five generations.
Edit "/etc/pam.d/common-password" and edit the line containing "pam_pwhistory.so" to contain the option "remember=5 use_authtok" after the third column.
Verify the SUSE operating system prohibits the reuse of a password for a minimum of five (5) generations.
Check that the SUSE operating system prohibits the reuse of a password for a minimum of five (5) generations with the following command:
# grep pam_pwhistory.so /etc/pam.d/common-password
password requisite pam_pwhistory.so remember=5 use_authtok
If the command does not return a result, or the returned line is commented out, has a second column value different from "requisite", does not contain "remember" value, the value is less than "5", or is missing the "use_authtok" keyword, this is a finding.
V-217133
False
SLES-12-010310
Verify the SUSE operating system prohibits the reuse of a password for a minimum of five (5) generations.
Check that the SUSE operating system prohibits the reuse of a password for a minimum of five (5) generations with the following command:
# grep pam_pwhistory.so /etc/pam.d/common-password
password requisite pam_pwhistory.so remember=5 use_authtok
If the command does not return a result, or the returned line is commented out, has a second column value different from "requisite", does not contain "remember" value, the value is less than "5", or is missing the "use_authtok" keyword, this is a finding.
M
4033