Install crypto-policies package

An XCCDF Rule

Description

The crypto-policies package can be installed with the following command:

$ sudo dnf install crypto-policies

Rationale

Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data.

ID: xccdf_org.ssgproject.content_rule_package_crypto-policies_installed
Severity: Medium
References: FCS_CKM.1 FCS_CKM.2 FCS_COP.1(1) FCS_COP.1(2) FCS_COP.1(3) FCS_COP.1(4) FCS_TLSC_EXT.1

SRG-OS-000393-GPOS-00173 SRG-OS-000394-GPOS-00174 SRG-OS-000396-GPOS-00176

SV-258234r926689_rule
Updated: 5 days ago


package install crypto-policies

- name: Ensure crypto-policies is installed
  package:
    name: crypto-policies
    state: present
  tags:
  - DISA-STIG-RHEL-09-672010  - enable_strategy
  - low_complexity
  - low_disruption
  - medium_severity
  - no_reboot_needed
  - package_crypto-policies_installed

include install_crypto-policies

class install_crypto-policies {
  package { 'crypto-policies':
    ensure => 'installed',
  }}


package --add=crypto-policies


[[packages]]
name = "crypto-policies"
version = "*"


if ! rpm -q --quiet "crypto-policies" ; then
    dnf install -y "crypto-policies"
fi

Install crypto-policies package

Description

Rationale

Remediation - script:kickstart

Remediation - Ansible

Remediation - Puppet

Remediation - Anaconda Pre-Install Instructions

Remediation - OS Build Blueprint

Remediation - Shell Script