AIX must disable /usr/bin/rcp, /usr/bin/rlogin, /usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| high | V-215322 | SRG-OS-000074-GPOS-00042 | AIX7-00-003005 | SV-215322r987796_rule | 2026-02-06 | 3 |
Description
The listed applications permit the transmission of passwords in plain text. Alternative applications such as SSH, which encrypt data, should be use instead.
ℹ️ Check
From the command prompt, execute the following commands:
# ls -l /usr/bin/rcp | awk '{print $1}'
# ls -l /usr/bin/rlogin | awk '{print $1}'
# ls -l /usr/bin/rsh | awk '{print $1}'
# ls -l /usr/bin/telnet | awk '{print $1}'
# ls -l /usr/bin/rexec | awk '{print $1}'
Each of the above commands should return with the following permissions:
----------
If the permissions are more permissive, this is a finding.
✔️ Fix
Use the chmod command to remove all permissions on these commands:
# chmod ugo= /usr/bin/rcp
# chmod ugo= /usr/bin/rlogin
# chmod ugo= /usr/bin/rsh
# chmod ugo= /usr/bin/rexec
# chmod ugo= /usr/bin/telnet