Skip to content

Install crypto-policies package

An XCCDF Rule

Description

The crypto-policies package can be installed with the following command:

$ sudo dnf install crypto-policies

Rationale

Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data.

ID
xccdf_org.ssgproject.content_rule_package_crypto-policies_installed
Severity
Medium
References
Updated



Remediation - Anaconda Pre-Install Instructions


package --add=crypto-policies

Remediation - OS Build Blueprint


[[packages]]
name = "crypto-policies"
version = "*"

Remediation - Ansible

- name: Ensure crypto-policies is installed
  package:
    name: crypto-policies
    state: present
  tags:
  - CCE-83442-4

Remediation - Puppet

include install_crypto-policies

class install_crypto-policies {
  package { 'crypto-policies':
    ensure => 'installed',
  }

Remediation - Shell Script


if ! rpm -q --quiet "crypto-policies" ; then
    dnf install -y "crypto-policies"
fi