SRG-OS-000073-GPOS-00041 Controls

STIG ID Version Title Product
SLES-12-010220 V2R11 The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords.
SLES-12-010230 V2R11 The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords.
SLES-12-010240 V2R11 The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords.
RHEL-08-010110 V1R3 RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
RHEL-08-010120 V1R3 RHEL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords.
RHEL-08-010130 V1R3 The RHEL 8 password-auth file must be configured to use a sufficient number of hashing rounds.
RHEL-08-010131 V1R3 The RHEL 8 system-auth file must be configured to use a sufficient number of hashing rounds.
SLES-15-020170 V1R12 The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to only store encrypted representations of passwords.
SLES-15-020180 V1R12 The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords.
SLES-15-020190 V1R12 The SUSE operating system must employ FIPS 140-2-approved cryptographic hashing algorithms for all stored passwords.
WN11-AC-000045 V2R2 Reversible password encryption must be disabled.
WN11-SO-000195 V2R2 The system must be configured to prevent the storage of the LAN Manager hash of passwords.
WN10-AC-000045 V3R2 Reversible password encryption must be disabled.
WN10-SO-000195 V3R2 The system must be configured to prevent the storage of the LAN Manager hash of passwords.
WN19-AC-000090 V3R2 Windows Server 2019 reversible password encryption must be disabled.
WN19-SO-000300 V3R2 Windows Server 2019 must be configured to prevent the storage of the LAN Manager hash of passwords.
UBTU-22-611055 V2R2 Ubuntu 22.04 LTS must store only encrypted representations of passwords.
WN16-AC-000090 V2R7 Windows Server 2016 reversible password encryption must be disabled.
WN16-SO-000360 V2R7 Windows Server 2016 must be configured to prevent the storage of the LAN Manager hash of passwords.
WN22-AC-000090 V1R4 Windows Server 2022 reversible password encryption must be disabled.
WN22-SO-000300 V1R4 Windows Server 2022 must be configured to prevent the storage of the LAN Manager hash of passwords.
RHEL-07-010200 V3R6 The Red Hat Enterprise Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords.
RHEL-07-010210 V3R6 The Red Hat Enterprise Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords.
RHEL-07-010220 V3R6 The Red Hat Enterprise Linux operating system must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords.
RHEL-09-611050 V1R3 RHEL 9 password-auth must be configured to use a sufficient number of hashing rounds.
RHEL-09-611055 V1R3 RHEL 9 system-auth must be configured to use a sufficient number of hashing rounds.
RHEL-09-611135 V1R3 RHEL 9 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords.
RHEL-09-611140 V1R3 RHEL 9 must be configured to use the shadow file to store only encrypted representations of passwords.
RHEL-09-611150 V1R3 RHEL 9 shadow password suite must be configured to use a sufficient number of hashing rounds.
RHEL-09-671015 V1R3 RHEL 9 must employ FIPS 140-3 approved cryptographic hashing algorithms for all stored passwords.
RHEL-09-671025 V1R3 RHEL 9 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-3 approved cryptographic hashing algorithm for system authentication.
OL08-00-010110 V1R3 OL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
OL08-00-010120 V1R3 OL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords.
OL08-00-010130 V1R3 The OL 8 shadow password suite must be configured to use a sufficient number of hashing rounds.
UBTU-18-010104 V2R11 The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
OL07-00-010200 V2R11 The Oracle Linux operating system must be configured so that the PAM system service is configured to store only encrypted representations of passwords.
OL07-00-010210 V2R11 The Oracle Linux operating system must be configured to use the shadow file to store only encrypted representations of passwords.
OL07-00-010220 V2R11 The Oracle Linux operating system must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords.
OL07-00-010199 V2R11 The Oracle Linux operating system must be configured to prevent overwriting of custom authentication configuration settings by the authconfig utility.