STIGQter: STIG Summary: CA API Gateway NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 19 Sep 2016: STIGQter: STIG Summary: CA API Gateway NDM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 19 Sep 2016:SV-86155r1_rule
V-71531
SRG-APP-000164-NDM-000252
CAGW-DM-000160
CAT II
10
In order to change the default setting:
- Log in to Gateway via SSH.
- Open /etc/login.defs.
- Change the value for PASS_MIN_LENGTH to desired value.
Then:
- Change the PASS_MIN_LENGTH field to desired value in the following files:
-- /etc/pam.d/password-auth
-- /etc/pam.d/password-auth-ac
-- /etc/pam.d/system-auth
-- /etc/pam.d/system-auth-ac
Note: Must be a value of "15" or greater.
Verify the CA API Gateway configuration files for passwords (/etc/login.defs, /etc/pam.d/password, /etc/pam.d/password-auth-ac, /etc/pam.d/system-auth, and /etc/pam.d/system-auth-ac) each have this line:
PASS_MIN_LEN 15.
If the CA API Gateway configuration files for passwords (/etc/login.defs, /etc/pam.d/password, /etc/pam.d/password-auth-ac, /etc/pam.d/system-auth, and /etc/pam.d/system-auth-ac) do not have the line requiring minimum 15-character password length, this is a finding.
V-71531
False
CAGW-DM-000160
Verify the CA API Gateway configuration files for passwords (/etc/login.defs, /etc/pam.d/password, /etc/pam.d/password-auth-ac, /etc/pam.d/system-auth, and /etc/pam.d/system-auth-ac) each have this line:
PASS_MIN_LEN 15.
If the CA API Gateway configuration files for passwords (/etc/login.defs, /etc/pam.d/password, /etc/pam.d/password-auth-ac, /etc/pam.d/system-auth, and /etc/pam.d/system-auth-ac) do not have the line requiring minimum 15-character password length, this is a finding.
M
3051