The AIX operating system must accept and verify Personal Identity Verification (PIV) credentials.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-215441 | AIX7-00-003205 | SV-215441r958816_rule | CCI-001953 | medium |
| Description | ||||
| The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. DoD has mandated the use of the CAC to support identity management and personal authentication for systems covered under Homeland Security Presidential Directive (HSPD) 12, as well as making the CAC a primary component of layered protection for national security systems. Satisfies: SRG-OS-000376-GPOS-00161, SRG-OS-000377-GPOS-00162 | ||||
| STIG | Date | |||
| IBM AIX 7.x Security Technical Implementation Guide | 2024-08-16 | |||
Details
Check Text (C-215441r958816_chk)
Verify that the " bos.ahafs" package is installed:
# lslpp -l |grep bos.ahafs
bos.ahafs 7.1.5.15 COMMITTED Aha File System
If the "bos.ahafs" package is not installed, this is a finding.
Verify "pmfahotplugd" service is running:
# lssrc -s pmfahotplugd
If the " pmfahotplugd" service is not running, this is a finding.
Fix Text (F-16637r294775_fix)
Install "bos.ahafs" fileset from the PowerSC MFA DVD using the following command (assuming that the DVD device is mounted to /dev/cd0):
# installp -aXYgd /dev/cd0 -e /tmp/install.log bos.ahafs
Start the "pmfahotplugd" service:
# startsrc-s pmfahotplugd