
harden_sshd_ciphers_openssh_conf_crypto_policy is misaligned with DISA

Open mildas opened this issue 2 years ago • 2 comments

Description of problem:

harden_sshd_ciphers_openssh_conf_crypto_policy is misaligned with DISA

Outcome:

SSG result: fail

DISA result: pass

The issue is present in these test variants:

  • oscap
  • ansible
  • anaconda

SCAP Security Guide Version:

latest master

External Content's Version:

RHEL9 V1R2

mildas avatar Apr 08 '24 13:04 mildas

Needs more investigation, not enough details.

Mab879 avatar Apr 12 '24 13:04 Mab879

This is the relevant STIG: https://stigaview.com/products/rhel9/v1r2/RHEL-09-255060/

And I think this needs to be changed on DISA's side. Primarily, the whole check is wrong; the text is talking about the SSH client, but the check is performed on the file for the SSH server.

vojtapolasek avatar Apr 12 '24 14:04 vojtapolasek