RHEL 9 must implement a systemwide encryption policy.

An XCCDF Rule

Description

<VulnDiscussion>Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. Satisfies: SRG-OS-000396-GPOS-00176, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-258241r1017572_rule
Severity: Medium
References: CCI-002450 CCI-002890 CCI-003123
Updated: 17 days ago

Configure the FIPS policy as the systemwide cryptographic policy by running the following command:

$ sudo update-crypto-policies --set FIPS

Reboot the system to ensure that all aspects of the change take effect.

RHEL 9 must implement a systemwide encryption policy.

Description

Remediation - Manual Procedure