Detections
Analytics
RHEL-09-671010 - RHEL 9 must enable FIPS mode.
Information
Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government because this provides assurance they have been tested and validated.Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000250-GPOS-00093, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174, SRG-OS-000396-GPOS-00176, SRG-OS-000423-GPOS-00187, SRG-OS-000478-GPOS-00223
Solution
Configure RHEL 9 to implement FIPS mode.If this check fails on an installed system, it is a permanent finding until the system is reinstalled with "fips=1" during installation.
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_9_V2R8_STIG.zip
Item Details
Audit Name: DISA Red Hat Enterprise Linux 9 STIG v2r8
Category: ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|AC-17(2), 800-53|MA-4c., 800-53|SC-8, 800-53|SC-13, CAT|I, CCI|CCI-000068, CCI|CCI-000877, CCI|CCI-002418, CCI|CCI-002450, Rule-ID|SV-258230r1184334_rule, STIG-ID|RHEL-09-671010, Vuln-ID|V-258230
Plugin: Unix
Control ID: b5f11766bdf5faec7d9f1f6afb1a6756235f519871106331b8958c921795dd1e