RHEL 9 must use mechanisms meeting the requirements of applicable federal laws, executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module.

An XCCDF Rule

Details
Profiles

Description

Overriding the system crypto policy makes the behavior of Kerberos violate expectations and makes system configuration more fragmented.

ID: SV-258237r1051256_rule
Version: RHEL-09-672025
Severity: Medium
References: CCI-000803
Updated: about 2 months ago

Remediation Templates

Configure Kerberos to use system cryptographic policy.

Create a symlink pointing to system crypto policy in the Kerberos configuration using the following command:

$ sudo ln -s /etc/crypto-policies/back-ends/krb5.config /usr/share/crypto-policies/FIPS/krb5.txt

RHEL 9 must use mechanisms meeting the requirements of applicable federal laws, executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module.

Description

Remediation Templates

A Manual Procedure