RHEL 10 must have the "crypto-policies" package installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-281007 | RHEL-10-300000 | SV-281007r1195399_rule | CCI-002450 | high |
| Description | ||||
| Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. Satisfies: SRG-OS-000396-GPOS-00176, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174 | ||||
| STIG | Date | |||
| Red Hat Enterprise Linux 10 Security Technical Implementation Guide | 2026-03-11 | |||
Details
Check Text (C-281007r1195399_chk)
Verify RHEL 10 has the "crypto-policies" package installed with the following command:
$ sudo dnf list --installed crypto-policies
Installed Packages
crypto-policies.noarch 20250214-1.gitfd9b9b9.el10_0.1 @rhel-10-for-x86_64-baseos-rpms
If the "crypto-policies" package is not installed, this is a finding.
Fix Text (F-85473r1165375_fix)
Configure RHEL 10 to have the "crypto-policies" package installed with the following command:
$ sudo dnf -y install crypto-policies