UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

RHEL 9 crypto policy files must match files shipped with the operating system.


Overview

Finding ID Version Rule ID IA Controls Severity
V-258235 RHEL-09-672015 SV-258235r959006_rule High
Description
The RHEL 9 package "crypto-policies" defines the cryptography policies for the system. If the files are changed from those shipped with the operating system, it may be possible for RHEL 9 to use cryptographic functions that are not FIPS 140-3 approved. Satisfies: SRG-OS-000478-GPOS-00223, SRG-OS-000396-GPOS-00176
STIG Date
Red Hat Enterprise Linux 9 Security Technical Implementation Guide 2024-06-04

Details

Check Text ( C-61976r926690_chk )
Verify that the RHEL 9 package "crypto-policies" has not been modified with the following command:

$ rpm -V crypto-policies

If the command has any output, this is a finding.
Fix Text (F-61900r926691_fix)
Reinstall the crypto-policies package to remove any modifications.

$ sudo dnf reinstall crypto-policies