CIS Red Hat Enterprise Linux 9 Benchmark Section 1.6.2 is wrong
CIS Red Hat Enterprise Linux 9 Benchmark Section 1.6.2 (Ensure system wide crypto policy is not set in sshd configuration) is wrong.
On RHEL9, system-wide crypto policies are not set this way anymore. More info here:
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening#examples-of-opting-out-of-system-wide-crypto-policies_using-the-system-wide-cryptographic-policies
Neither the audit nor the remediation procedure does anything. Every RHEL9 system will always pass this audit procedure.
Comments: 1
20 Apr
Chris Boldiston (Admin)
Thanks for your suggestion.
Can you please post that comment on the RedHat Workbench Community? That is where the community makes decisions on what to include, or not include, in Benchmarks: https://workbench.cisecurity.org/communities/14
Thanks.