SLES-12-010410 - There must be no shosts.equiv files on the SUSE operating system.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The shosts.equiv files are used to configure host-based authentication for the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.

Solution

Remove any 'shosts.equiv' files found on the SUSE operating system.

# rm /[path]/[to]/[file]/shosts.equiv

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_SLES_12_V2R13_STIG.zip

Item Details

References: CAT|I, CCI|CCI-000366, Rule-ID|SV-217142r603262_rule, STIG-ID|SLES-12-010410, STIG-Legacy|SV-91835, STIG-Legacy|V-77139, Vuln-ID|V-217142

Plugin: Unix

Control ID: 81f47afbd46984dc9ffb8a4670bf5f50b0ac2dbbf9ad58736e9c3d275c894a59