rpms / scap-security-guide

Clone
Source Code
GIT

Blame SOURCES/scap-security-guide-0.1.59-fix_6844-PR_7673.patch

c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   ff1465361ce508f93601c5dcefe092ef09bc26bb
  2.   SOURCES
  3.   scap-security-guide-0.1.59-fix_6844-PR_7673.patch
Blob History Raw
ff1465 
From 155a46f32b02fec3fa9a99d2a6fa2f1a5287fcaf Mon Sep 17 00:00:00 2001
ff1465 
From: Matthew Burket <mburket@redhat.com>
ff1465 
Date: Wed, 29 Sep 2021 09:43:56 -0500
ff1465 
Subject: [PATCH] Add RHEL8 FIPS STIG ID to few rules
ff1465
ff1465 
---
ff1465 
 .../integrity/crypto/configure_ssh_crypto_policy/rule.yml        | 1 +
ff1465 
 .../harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml      | 1 +
ff1465 
 .../crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml  | 1 +
ff1465 
 3 files changed, 3 insertions(+)
ff1465
ff1465 
diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
ff1465 
index 9ac0b55f65a..2f4fb79eb54 100644
ff1465 
--- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
ff1465 
+++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml
ff1465 
@@ -29,6 +29,7 @@ references:
ff1465 
     nerc-cip: CIP-003-3 R4.2,CIP-007-3 R5.1,CIP-007-3 R7.1
ff1465 
     nist: AC-17(a),AC-17(2),CM-6(a),MA-4(6),SC-13
ff1465 
     srg: SRG-OS-000250-GPOS-00093
ff1465 
+    stigid@rhel8: RHEL-08-010020
ff1465
ff1465 
 ocil_clause: 'the CRYPTO_POLICY variable is not set or is commented in the /etc/sysconfig/sshd'
ff1465
ff1465 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
ff1465 
index 682ca436b8d..adeae314fff 100644
ff1465 
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
ff1465 
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml
ff1465 
@@ -30,6 +30,7 @@ references:
ff1465 
     disa: CCI-001453
ff1465 
     nist: AC-17(2)
ff1465 
     srg: SRG-OS-000250-GPOS-00093
ff1465 
+    stigid@rhel8: RHEL-08-010020
ff1465
ff1465 
 ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly'
ff1465
ff1465 
diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
ff1465 
index d21f68ac17a..12e527ca33d 100644
ff1465 
--- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
ff1465 
+++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml
ff1465 
@@ -28,6 +28,7 @@ references:
ff1465 
     disa: CCI-001453
ff1465 
     nist: AC-17(2)
ff1465 
     srg: SRG-OS-000250-GPOS-00093
ff1465 
+    stigid@rhel8: RHEL-08-010020
ff1465
ff1465 
 ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly'
ff1465

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation