There must be no ".shosts" files on The TOSS operating system.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-252939	TOSS-04-010370	SV-252939r991589_rule		Medium

Description

The ."shosts" files are used to configure host-based authentication for individual users or the system via SSH. Host-based authentication is not sufficient for preventing unauthorized access to the system, as it does not require interactive identification and authentication of a connection request, or for the use of two-factor authentication.

STIG	Date
Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide	2025-05-08

Details

Check Text (C-56392r824139_chk)

Verify there are no ."shosts" files on TOSS with the following command:

$ sudo find / -name '*.shosts'

If any ."shosts" files are found, this is a finding.

Fix Text (F-56342r824140_fix)

Remove any found ."shosts" files from the system.

$ sudo rm /[path]/[to]/[file]/.shosts