[Feature Request] Compliance Setting: "OS must generate audit records for any use of the `ssh-keysign` command"

**Is your feature request related to a problem? Please describe.**

STIG scans calling out RHEL-09-654140/OL09-00-000610/ALMA-09-050620

**Describe the solution you'd like**

Per the STIG guidance:
> Configure AlmaLinux OS 9 to generate audit records upon successful/unsuccessful attempts to use the "`ssh-keysign`" command.
> 
> Add the following to the "`/etc/audit/rules.d/audit.rules`" file:
> ```
> -a always,exit -F path=/usr/bin/ssh-keysign -F perm=x -F auid>=1000 -F auid!=unset -k privileged-ssh
> ```
> Merge the rules into /etc/audit/audit.rules:
> ```
> $ augenrules --load
> ```

**Describe alternatives you've considered**


**Additional context**

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Feature Request] Compliance Setting: "OS must generate audit records for any use of the `ssh-keysign` command" #561

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Feature Request] Compliance Setting: "OS must generate audit records for any use of the ssh-keysign command" #561

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

[Feature Request] Compliance Setting: "OS must generate audit records for any use of the `ssh-keysign` command" #561