STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated just now
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to IBM Aspera Platform 4.2 Security Technical Implementation Guide

V-252612

CAT II (Medium)

The IBM Aspera Shares private/secret cryptographic keys file must have a mode of 0400 or less permissive to prevent unauthorized read access.

Rule ID

SV-252612r831517_rule

STIG

IBM Aspera Platform 4.2 Security Technical Implementation Guide

Version

V1R3

CCIs

CCI-002165

Discussion

Private key data is used to prove that the entity presenting a public key certificate is the certificate's rightful owner. Compromise of private key data allows an adversary to impersonate the key holder.

Check Content

If the IBM Aspera Shares feature of the Aspera Platform is not installed, this is Not Applicable.

Verify the /opt/aspera/shares/u/shares/config/aspera/secret.rb file has a mode of "0400" or less permissive with the following command:

$ sudo stat -c "%a %n" /opt/aspera/shares/u/shares/config/aspera/secret.rb

400 /opt/aspera/shares/u/shares/config/aspera/secret.rb

If the resulting mode is more permissive than "0400", this is a finding.

Fix Text

Configure the /opt/aspera/shares/u/shares/config/aspera/secret.rb file to have a mode of "0400" or less permissive with the following command:

$ sudo chmod 0400 /opt/aspera/shares/u/shares/config/aspera/secret.rb