From 155a46f32b02fec3fa9a99d2a6fa2f1a5287fcaf Mon Sep 17 00:00:00 2001 From: Matthew Burket Date: Wed, 29 Sep 2021 09:43:56 -0500 Subject: [PATCH] Add RHEL8 FIPS STIG ID to few rules --- .../integrity/crypto/configure_ssh_crypto_policy/rule.yml | 1 + .../harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml | 1 + .../crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml | 1 + 3 files changed, 3 insertions(+) diff --git a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml index 9ac0b55f65a..2f4fb79eb54 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/configure_ssh_crypto_policy/rule.yml @@ -29,6 +29,7 @@ references: nerc-cip: CIP-003-3 R4.2,CIP-007-3 R5.1,CIP-007-3 R7.1 nist: AC-17(a),AC-17(2),CM-6(a),MA-4(6),SC-13 srg: SRG-OS-000250-GPOS-00093 + stigid@rhel8: RHEL-08-010020 ocil_clause: 'the CRYPTO_POLICY variable is not set or is commented in the /etc/sysconfig/sshd' diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml index 682ca436b8d..adeae314fff 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_ciphers_openssh_conf_crypto_policy/rule.yml @@ -30,6 +30,7 @@ references: disa: CCI-001453 nist: AC-17(2) srg: SRG-OS-000250-GPOS-00093 + stigid@rhel8: RHEL-08-010020 ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly' diff --git a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml index d21f68ac17a..12e527ca33d 100644 --- a/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml +++ b/linux_os/guide/system/software/integrity/crypto/harden_sshd_macs_openssh_conf_crypto_policy/rule.yml @@ -28,6 +28,7 @@ references: disa: CCI-001453 nist: AC-17(2) srg: SRG-OS-000250-GPOS-00093 + stigid@rhel8: RHEL-08-010020 ocil_clause: 'Crypto Policy for OpenSSH client is not configured correctly'