Install crypto-policies package

An XCCDF Rule

Description

The crypto-policies package can be installed with the following command:

$ sudo dnf install crypto-policies

Rationale

Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data.

ID: xccdf_org.ssgproject.content_rule_package_crypto-policies_installed
Severity: Medium
References: FCS_CKM.1 FCS_CKM.2 FCS_COP.1(1) FCS_COP.1(2) FCS_COP.1(3) FCS_COP.1(4) FCS_TLSC_EXT.1

SRG-OS-000393-GPOS-00173 SRG-OS-000394-GPOS-00174 SRG-OS-000396-GPOS-00176

SV-258234r926689_rule
Updated: about 1 month ago

Remediation Templates

package install crypto-policies

- name: Ensure crypto-policies is installed
  package:
    name: crypto-policies
    state: present
  tags:
  - DISA-STIG-RHEL-09-672010  - enable_strategy
  - low_complexity
  - low_disruption
  - medium_severity
  - no_reboot_needed
  - package_crypto-policies_installed

include install_crypto-policies
class install_crypto-policies {
  package { 'crypto-policies':
    ensure => 'installed',
  }
}

package --add=crypto-policies

[[packages]]
name = "crypto-policies"
version = "*"

if ! rpm -q --quiet "crypto-policies" ; then
    dnf install -y "crypto-policies"
fi

Install crypto-policies package

Description

Rationale

Remediation Templates

script:kickstart

An Ansible Snippet

A Puppet Snippet

Anaconda Pre-Install Instructions

OS Build Blueprint

A Shell Script