Amazon Linux 2023 must automatically exit interactive command shell user sessions after 15 minutes of inactivity.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-274142 | SRG-OS-000163-GPOS-00072 | AZLX-23-002396 | SV-274142r1120414_rule | 2025-07-15 | 1 |
| Description |
|---|
| Terminating an idle interactive command shell user session within a short time period reduces the window of opportunity for unauthorized personnel to take control of it when left unattended in a virtual terminal or physical console. |
| ℹ️ Check |
|---|
| Verify Amazon Linux 2023 is configured to exit interactive command shell user sessions after 10 minutes of inactivity or less with the following command: $ sudo grep -i tmout /etc/profile /etc/profile.d/*.sh /etc/profile.d/tmout.sh:declare -xr TMOUT=600 If "TMOUT" is not set to "600" or less in a script located in the "/etc/'profile.d/ directory, is missing or is commented out, this is a finding. |
| ✔️ Fix |
|---|
| Configure Amazon Linux 2023 to exit interactive command shell user sessions after 10 minutes of inactivity. Add or edit the following line in "/etc/profile.d/tmout.sh": #!/bin/bash declare -xr TMOUT=600 |