The AIX rlogind service must be disabled.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| high | V-215347 | SRG-OS-000074-GPOS-00042 | AIX7-00-003041 | SV-215347r987796_rule | 2026-02-06 | 3 |
Description
The rlogin daemon permits username and passwords to be passed over the network in clear text.
ℹ️ Check
Determine if the "rlogind" service is running by running the following command:
# grep -v "^#" /etc/inetd.conf |grep rlogin
If the above grep command returned a line that contains "rlogin", this is a finding.
✔️ Fix
Disable the rlogind service by editing the "'etc/inetd.conf" file.
# vi /etc/inetd.conf
Comment out the "rlogind" service.
Restart the inetd service:
# refresh -s inetd