STIGQter: STIG Summary: Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 10 Mar 2021:

The Ubuntu operating system must prevent direct login into the root account.

DISA Rule

SV-238329r654162_rule

Vulnerability Number

V-238329

Group Title

SRG-OS-000109-GPOS-00056

Rule Version

UBTU-20-010408

Severity

CAT II

CCI(s)

CCI-000770 - The organization requires individuals to be authenticated with an individual authenticator when a group authenticator is employed.

Weight

Fix Recommendation

Configure the Ubuntu operating system to prevent direct logins to the root account by performing the following operations:

$ sudo passwd -l root

Check Contents

Verify the Ubuntu operating system prevents direct logins to the root account with the following command:

$ sudo passwd -S root

root L 04/23/2020 0 99999 7 -1

If the output does not contain "L" in the second field to indicate the account is locked, this is a finding.

Vulnerability Number

V-238329

Documentable

False

Rule Version

UBTU-20-010408

Severity Override Guidance

Check Content Reference

Target Key

5318

The Ubuntu operating system must prevent direct login into the root account.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments