Rule ID
SV-268131r1131067_rule
Version
V1R2
CCIs
CCI-000197
Passwords need to be protected at all times, and encryption is the standard method for protecting passwords. If passwords are not encrypted, they can be plainly read (i.e., clear text) and easily compromised.
Ensure the telnet package is not installed and available with the following command: $ whereis telnet telnet: If there is a path, and the output looks like "telnet: /nix/store/sqiphymcpky1yysgdc1aj4lr9jg9n53a-inetutils-2.2/bin/telnet", this is a finding.
Edit the NixOS Configuration file /etc/nixos/configuration.nix or /etc/nixos/flake.nix and remove any references to pkgs.libtelnet, pkgs.busybox, or pkgs.inetutils from the environment.systemPackages list. Rebuild and switch to the new NixOS configuration: $ sudo nixos-rebuild switch