The pcscd service on RHEL 9 must be active.

STIG ID: RHEL-09-611180  |  SRG: SRG-OS-000375-GPOS-00160 | Severity: medium |  CCI: CCI-001948

Vulnerability Discussion

The information system ensures that even if the information system is compromised, that compromise will not affect credentials stored on the authentication device.

The daemon program for pcsc-lite and the MuscleCard framework is pcscd. It is a resource manager that coordinates communications with smart card readers and smart cards and cryptographic tokens that are connected to the system.

Check

Verify that the "pcscd" service is active with the following command:

$ systemctl is-active pcscd

active

If the pcscdservice is not active, this is a finding.

Fix

To enable the pcscd service run the following command:

$ sudo systemctl enable --now pcscd
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.