On 6/7/17 12:04 PM, Fen Labalme wrote: > If password access is disabled on a cloud-based server - both from > (virtual) console and via SSH - can the set of password checks be > disabled somehow? > > * 10 checks: Set Password Quality Requirements with pam_pwquality > * 5 checks: Set Lockouts for Failed Password Attempts > * 3 checks: Set Password Hashing Algorithm >
OVAL has the ability to do conditional clauses, e.g. most of the SSH checks will be notapplicable/pass if sshd is not installed. Can evaluate password access in sshd configs, but that's only for ssh server.... what do we check to see if password access is disabled for the entire system?
_______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
