Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-97231 | RHEL-06-000244 | SV-106369r1_rule | Medium |
Description |
---|
Approved algorithms required for compliance must impart some level of confidence in their implementation. |
STIG | Date |
---|---|
Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2019-09-25 |
Check Text ( C-96069r1_chk ) |
---|
Verify sshd is configured to use FIPS 140-2 approved Message Authentication Codes (MACs): # grep -i "mac" /etc/ssh/sshd_config | grep -v '^#' MACs hmac-sha2-512,hmac-sha2-256 If the output contains MACs that are not FIPS-approved, or does not return a value, this is a finding. |
Fix Text (F-102913r1_fix) |
---|
Configure sshd to use only FIPS-approved Message Authentication Codes. |