Detections
Analytics
GEN005512 - The SSH client must only use message authentication codes (MACs) that employ FIPS 140-2 cryptographic hash algorithms.
Information
DoD information systems are required to use FIPS 140-2 approved cryptographic hash functions.Solution
Edit the SSH client configuration and remove any MACs that are not hmac-sha1 or a better hmac algorithm that is on the FIPS 140-2 approved list. If necessary, add a MACs line.See Also
http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip
Item Details
Category: ACCESS CONTROL
References: 800-53|AC-17(2), CAT|II, CCI|CCI-001453, Group-ID|V-22463, Rule-ID|SV-37836r2_rule, STIG-ID|GEN005512, Vuln-ID|V-22463
Plugin: Unix
Control ID: 3c8642dab104399c2d5a35d387d2e404319e7d13b4d0a93063a4cc739bc5c910