RHEL 9 must implement a system-wide encryption policy.

An XCCDF Rule

Description

<VulnDiscussion>Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. Satisfies: SRG-OS-000396-GPOS-00176, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-258241r926710_rule
Severity: Medium
References: CCI-002450 CCI-002890 CCI-003123
Updated: 9 months ago

Configure the operating system to implement FIPS mode with the following command

$ sudo fips-mode-setup --enable

Reboot the system for the changes to take effect.

RHEL 9 must implement a system-wide encryption policy.

Description

Remediation - Manual Procedure