Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-218005 | RHEL-06-000244 | SV-218005r505923_rule | Medium |
Description |
---|
Approved algorithms required for compliance must impart some level of confidence in their implementation. |
STIG | Date |
---|---|
Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2020-09-03 |
Check Text ( C-19486r377030_chk ) |
---|
Verify sshd is configured to use FIPS 140-2 approved Message Authentication Codes (MACs): # grep -i "mac" /etc/ssh/sshd_config | grep -v '^#' MACs hmac-sha2-512,hmac-sha2-256 If the output contains MACs that are not FIPS-approved, or does not return a value, this is a finding. |
Fix Text (F-19484r377031_fix) |
---|
Configure sshd to use only FIPS-approved Message Authentication Codes. |