Detections
Analytics
PHTN-40-000013 - The Photon operating system must have the OpenSSL FIPS provider installed to protect the confidentiality of remote access sessions.
Information
Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.OpenSSH on the Photon operating system when configured appropriately can utilize a FIPS validated OpenSSL for cryptographic operations.
Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174, SRG-OS-000423-GPOS-00187, SRG-OS-000425-GPOS-00189, SRG-OS-000426-GPOS-00190
Solution
At the command line, run the following command:# tdnf install openssl-fips-provider
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_8-0_Y24M08_STIG.zip
Item Details
Category: ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION
References: 800-53|AC-17(2), 800-53|MA-4(6), 800-53|SC-8, 800-53|SC-8(2), CAT|I, CCI|CCI-000068, CCI|CCI-002418, CCI|CCI-002420, CCI|CCI-002422, CCI|CCI-002890, CCI|CCI-003123, Rule-ID|SV-258806r958408_rule, STIG-ID|PHTN-40-000013, Vuln-ID|V-258806
Plugin: Unix
Control ID: ed4599da3a0346bed003c94351b0ed74bba68d67ee32eaf41c130990c932fd85