GEN005306 - SNMP must require the use of a FIPS 140-2 cryptographic hash algorithm as part of its authentication and integrity methods.

Information

The SNMP service must use SHA-1 or a FIPS 140-2 approved successor for authentication and integrity.

Solution

Edit /etc/snmp/snmpd.conf and add the SHA keyword for any create user statement without one.
Restart the SNMP service.
# service snmpd restart

See Also

http://iasecontent.disa.mil/stigs/zip/U_RedHat_5_V1R18_STIG.zip

Item Details

Audit Name: DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit

Category: ACCESS CONTROL

References: 800-53|AC-17(2), CAT|II, CCI|CCI-001453, Group-ID|V-22448, Rule-ID|SV-37693r1_rule, STIG-ID|GEN005306, Vuln-ID|V-22448

Plugin: Unix

Control ID: b9abb788aea5fab561a07308fa034627ee380717db0dc91428e0528ff8f3b62b