The AIX system must have no .netrc files on the system.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-215403	AIX7-00-003101	SV-215403r1009555_rule		High

Description

Unencrypted passwords for remote FTP servers may be stored in .netrc files. Policy requires passwords be encrypted in storage and not used in access scripts.

STIG	Date
IBM AIX 7.x Security Technical Implementation Guide	2024-08-16

Details

Check Text (C-16601r294660_chk)

Check the system for the existence of any ".netrc" files by running the following command:
# find / -name .netrc

If any ".netrc" file exists, this is a finding.

Fix Text (F-16599r294661_fix)

Remove all ".netrc" file(s):
# find / -name .netrc -exec rm {} \;