STIGQter: STIG Summary: Red Hat Enterprise Linux 8 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

RHEL 8 must ensure the SSH server uses strong entropy.

DISA Rule

SV-230253r627750_rule

Vulnerability Number

V-230253

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

RHEL-08-010292

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the operating system SSH server to use strong entropy.

Add or modify the following line in the "/etc/sysconfig/sshd" file.

SSH_USE_STRONG_RNG=32

The SSH service must be restarted for changes to take effect.

Check Contents

Verify the operating system SSH server uses strong entropy with the following command:

Note: If the operating system is RHEL versions 8.0 or 8.1, this requirement is not applicable.

$ sudo grep -i ssh_use_strong_rng /etc/sysconfig/sshd

SSH_USE_STRONG_RNG=32

If the "SSH_USE_STRONG_RNG" line does not equal "32", is commented out or missing, this is a finding.

Vulnerability Number

V-230253

Documentable

False

Rule Version

RHEL-08-010292

Severity Override Guidance

Verify the operating system SSH server uses strong entropy with the following command:

Note: If the operating system is RHEL versions 8.0 or 8.1, this requirement is not applicable.

$ sudo grep -i ssh_use_strong_rng /etc/sysconfig/sshd

SSH_USE_STRONG_RNG=32

If the "SSH_USE_STRONG_RNG" line does not equal "32", is commented out or missing, this is a finding.

Check Content Reference

M

Target Key

2921

Comments