Update Red Hat Enterprise Linux 9 Benchmark Section 1.6.2

1 votes

CIS Red Hat Enterprise Linux 9 Benchmark Section 1.6.2 (Ensure system wide crypto policy is not set in sshd configuration) is wrong.
On RHEL9 system wide crypto policies are not set this way anymore. More info here:
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening#examples-of-opting-out-of-system-wide-crypto-policies_using-the-system-wide-cryptographic-policies

Neither audit nor remediation procedure does anything. Every RHEL9 will always pass this audit procedure.

Done Benchmark Community Suggestion Suggested by: Mihajlo (12 May) • Upvoted: 12 May • Comments: 1

Comments: 1
Oldest • Newest • Most likes • Fewest likes

19 May
Chris Boldiston Admin
Highlighted comment

Hi Mihajlo

Thanks for that information. Can you please post this information to the CIS Workbench Community which develops the RHEL Benchmarks? The experts there will be able to consider your suggestion. The link to the community is https://workbench.cisecurity.org/communities/14

Thanks

Chris