SRG-OS-000120-GPOS-00061 Controls

STIG ID Version Title Product
SLES-12-010210 V2R11 The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs).
RHEL-08-010160 V1R3 The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
RHEL-08-010161 V1R3 RHEL 8 must prevent system daemons from using Kerberos for authentication.
RHEL-08-010162 V1R3 The krb5-workstation package must not be installed on RHEL 8.
RHEL-08-010163 V1R3 The krb5-server package must not be installed on RHEL 8.
RHEL-08-010159 V1R3 The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
UBTU-20-010404 V1R12 The Ubuntu operating system must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm.
SLES-15-010260 V1R12 The SUSE operating system must employ FIPS 140-2 approved cryptographic hashing algorithm for system authentication (login.defs).
WN11-CC-000052 V2R2 Windows 11 must be configured to prioritize ECC Curves with longer key lengths first.
WN11-SO-000190 V2R2 Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites.
WN10-CC-000052 V3R2 Windows 10 must be configured to prioritize ECC Curves with longer key lengths first.
WN10-SO-000190 V3R2 Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites.
WN19-SO-000290 V3R2 Windows Server 2019 Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites.
UBTU-22-611070 V2R2 Ubuntu 22.04 LTS must encrypt all stored passwords with a FIPS 140-3-approved cryptographic hashing algorithm.
WN16-SO-000350 V2R7 Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites.
WN22-SO-000290 V1R4 Windows Server 2022 Kerberos encryption types must be configured to prevent the use of DES and RC4 encryption suites.
RHEL-09-611205 V1R3 RHEL 9 must prevent system daemons from using Kerberos for authentication.
RHEL-09-672025 V1R3 RHEL 9 must use mechanisms meeting the requirements of applicable federal laws, executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module.
OL08-00-010159 V1R3 The OL 8 "pam_unix.so" module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
OL08-00-010160 V1R3 The OL 8 "pam_unix.so" module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.
OL08-00-010161 V1R3 OL 8 must prevent system daemons from using Kerberos for authentication.
OL08-00-010162 V1R3 The krb5-workstation package must not be installed on OL 8.
OL08-00-010163 V1R3 The krb5-server package must not be installed on OL 8.
UBTU-18-010110 V2R11 The Ubuntu operating system must employ a FIPS 140-2 approved cryptographic hashing algorithms for all created and stored passwords.