Install crypto-policies package
An XCCDF Rule
Description
The crypto-policies
package can be installed with the following command:
$ sudo dnf install crypto-policies
Rationale
Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data.
- ID
- xccdf_org.ssgproject.content_rule_package_crypto-policies_installed
- Severity
- Medium
- References
- Updated
Remediation - Anaconda Pre-Install Instructions
package --add=crypto-policies
Remediation - OS Build Blueprint
[[packages]]
name = "crypto-policies"
version = "*"
Remediation - Ansible
- name: Ensure crypto-policies is installed
package:
name: crypto-policies
state: present
tags:
- DISA-STIG-RHEL-09-672010
Remediation - Puppet
include install_crypto-policies
class install_crypto-policies {
package { 'crypto-policies':
ensure => 'installed',
}
Remediation - Shell Script
if ! rpm -q --quiet "crypto-policies" ; then
dnf install -y "crypto-policies"
fi