STIGQter STIGQter: STIG Summary: Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The Ubuntu operating system must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access.

DISA Rule

SV-219318r610963_rule

Vulnerability Number

V-219318

Group Title

SRG-OS-000375-GPOS-00160

Rule Version

UBTU-18-010431

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Ubuntu operating system to implement multifactor authentication by installing the required packages.

Install the "libpam-pkcs11" package on the system with the following command:

# sudo apt install libpam-pkcs11

Check Contents

Verify the Ubuntu operating system has the packages required for multifactor authentication installed.

Check for the presence of the packages required to support multifactor authentication with the following commands:

# dpkg -l | grep libpam-pkcs11

ii libpam-pkcs11 0.6.8-4 amd64 Fully featured PAM module for using PKCS#11 smart cards

If the "libpam-pkcs11" package is not installed, this is a finding.

Vulnerability Number

V-219318

Documentable

False

Rule Version

UBTU-18-010431

Severity Override Guidance

Verify the Ubuntu operating system has the packages required for multifactor authentication installed.

Check for the presence of the packages required to support multifactor authentication with the following commands:

# dpkg -l | grep libpam-pkcs11

ii libpam-pkcs11 0.6.8-4 amd64 Fully featured PAM module for using PKCS#11 smart cards

If the "libpam-pkcs11" package is not installed, this is a finding.

Check Content Reference

M

Target Key

4055

Comments