STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018: STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x SLES Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:SV-99291r1_rule
V-88641
SRG-OS-000266-GPOS-00101
VROM-SL-000900
CAT II
10
Configure SLES for vRealize to enforce password complexity by requiring that at least one special character be used by running the following command:
If "ocredit" was not set at all in "/etc/pam.d/common-password-vmware.local" file then run the following command:
# sed -i '/pam_cracklib.so/ s/$/ ocredit=-1/' /etc/pam.d/common-password-vmware.local
If "ocredit" was set incorrectly, run the following command:
# sed -i '/pam_cracklib.so/ s/ocredit=../ocredit=-1/' /etc/pam.d/common-password-vmware.local
Verify SLES for vRealize enforces password complexity by requiring that at least one special character be used by using the following command:
Check the password "ocredit" option:
# grep pam_cracklib.so /etc/pam.d/common-password
Confirm the "ocredit" option is set to "-1" as in the example:
password requisite pam_cracklib.so ocredit=-1
There may be other options on the line.
If no such line is found, or the "ocredit" is not "-1", this is a finding.
V-88641
False
VROM-SL-000900
Verify SLES for vRealize enforces password complexity by requiring that at least one special character be used by using the following command:
Check the password "ocredit" option:
# grep pam_cracklib.so /etc/pam.d/common-password
Confirm the "ocredit" option is set to "-1" as in the example:
password requisite pam_cracklib.so ocredit=-1
There may be other options on the line.
If no such line is found, or the "ocredit" is not "-1", this is a finding.
M
3461