STIGQter STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:

The Ubuntu operating system must implement multifactor authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access.

DISA Rule

SV-238230r653865_rule

Vulnerability Number

V-238230

Group Title

SRG-OS-000375-GPOS-00160

Rule Version

UBTU-20-010063

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the Ubuntu operating system to implement multifactor authentication by installing the required packages.

Install the "libpam-pkcs11" package on the system with the following command:

$ sudo apt install libpam-pkcs11

Check Contents

Verify the Ubuntu operating system has the packages required for multifactor authentication installed with the following commands:

$ dpkg -l | grep libpam-pkcs11

ii libpam-pkcs11 0.6.8-4 amd64 Fully featured PAM module for using PKCS#11 smart cards

If the "libpam-pkcs11" package is not installed, this is a finding.

Vulnerability Number

V-238230

Documentable

False

Rule Version

UBTU-20-010063

Severity Override Guidance

Verify the Ubuntu operating system has the packages required for multifactor authentication installed with the following commands:

$ dpkg -l | grep libpam-pkcs11

ii libpam-pkcs11 0.6.8-4 amd64 Fully featured PAM module for using PKCS#11 smart cards

If the "libpam-pkcs11" package is not installed, this is a finding.

Check Content Reference

M

Target Key

5318

Comments