SRG-OS-000125-GPOS-00065 Controls

STIG IDVersionTitleProduct
ALMA-09-040390V1R3AlmaLinux OS 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD.
OL08-00-010290V2R5The OL 8 SSH server must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.
OL08-00-010291V2R5The OL 8 SSH server must be configured to use only ciphers employing FIPS 140-2 validated cryptographic algorithms.
OL09-00-002344V1R2OL 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD.
RHEL-09-255050V2R5RHEL 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD.
SLES-12-030180V3R2The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.
SLES-15-010270V2R4The SUSE operating system SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms.
UBTU-18-010414V2R15The Ubuntu operating system must use strong authenticators in establishing nonlocal maintenance and diagnostic sessions.
UBTU-20-010035V2R3The Ubuntu operating system must use strong authenticators in establishing nonlocal maintenance and diagnostic sessions.
UBTU-22-255065V2R4Ubuntu 22.04 LTS must use strong authenticators in establishing nonlocal maintenance and diagnostic sessions.
UBTU-24-500050V1R1Ubuntu 24.04 LTS must use strong authenticators in establishing nonlocal maintenance and diagnostic sessions.
WN10-CC-000330V3R4The Windows Remote Management (WinRM) client must not use Basic authentication.
WN10-CC-000345V3R4The Windows Remote Management (WinRM) service must not use Basic authentication.
WN10-CC-000360V3R4The Windows Remote Management (WinRM) client must not use Digest authentication.
WN11-CC-000330V2R4The Windows Remote Management (WinRM) client must not use Basic authentication.
WN11-CC-000345V2R4The Windows Remote Management (WinRM) service must not use Basic authentication.
WN11-CC-000360V2R4The Windows Remote Management (WinRM) client must not use Digest authentication.
WN16-CC-000500V2R9The Windows Remote Management (WinRM) client must not use Basic authentication.
WN16-CC-000520V2R9The Windows Remote Management (WinRM) client must not use Digest authentication.
WN16-CC-000530V2R9The Windows Remote Management (WinRM) service must not use Basic authentication.
WN19-CC-000470V3R4Windows Server 2019 Windows Remote Management (WinRM) client must not use Basic authentication.
WN19-CC-000490V3R4Windows Server 2019 Windows Remote Management (WinRM) client must not use Digest authentication.
WN19-CC-000500V3R4Windows Server 2019 Windows Remote Management (WinRM) service must not use Basic authentication.
WN22-CC-000470V2R5Windows Server 2022 Windows Remote Management (WinRM) client must not use Basic authentication.
WN22-CC-000490V2R5Windows Server 2022 Windows Remote Management (WinRM) client must not use Digest authentication.
WN22-CC-000500V2R5Windows Server 2022 Windows Remote Management (WinRM) service must not use Basic authentication.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.