Instructions
Fill out this sheet as you progress through the lab and discussions. Hold your worksheets until the end to turn them in as a final submission packet.
Resources / Important Links
- https://www.sans.org/information-security-policy/
- https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/
- https://docs.rockylinux.org/guides/security/pam/
- https://docs.rockylinux.org/guides/security/authentication/active_directory_authentication/
- https://docs.rockylinux.org/books/admin_guide/06-users/
Downloads
The worksheet has been provided below. The document(s) can be transposed to the desired format so long as the content is preserved. For example, the .txt could be transposed to a .md file.
Unit 3 Recording
Discussion Post #1
There are 16 STIGs that involve PAM for RHEL 9. Read the guide from Rocky Linux here: https://docs.rockylinux.org/guides/security/pam/
- What are the mechanisms and how do they affect PAM functionality?
  - Review /etc/pam.d/sshd on a Linux system. What is happening in that file relative to these functionalities?
- What are the common PAM modules?
  - Review /etc/pam.d/sshd on a Linux system. What is happening in that file relative to these functionalities?
- Look for a blog post or article about PAM that discusses real-world application. Post it here and give us a quick synopsis. (Bonus arbitrary points if you find one of our ProLUG members' blogs on the subject.)
Discussion Post #2
Read about Active Directory (or LDAP) configurations of Linux via sssd here: https://docs.rockylinux.org/guides/security/authentication/active_directory_authentication
- Why do we not want to just use local authentication in Linux? Or really any system?
- There are 4 SSSD STIGs.
  - What are they?
  - What do they seek to do with the system?
The discussion posts are done in Discord threads. Click the 'Threads' icon on the top right and search for the discussion post.
Definitions
PAM:
AD:
LDAP:
sssd:
oddjob:
krb5:
realm/realmd:
wheel (system group in RHEL):
Digging Deeper
- How does /etc/security/access.conf come into play with pam_access? Read up on it here: https://man7.org/linux/man-pages/man8/pam_access.8.html
  - Can you find any other good resources?
  - What is the structure of the access.conf file directives?
- What other important user access or user management information do you learn by reading this? https://docs.rockylinux.org/books/admin_guide/06-users/
  - What are the contents of the /etc/login.defs file? Why do you care?
Reflection Questions
- What questions do you still have about this week?
- How are you going to use what you've learned in your current role?