STIGQter STIGQter: STIG Summary: SUSE Linux Enterprise Server 15 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 23 Apr 2021:

FIPS 140-2 mode must be enabled on the SUSE operating system.

DISA Rule

SV-234859r622137_rule

Vulnerability Number

V-234859

Group Title

SRG-OS-000396-GPOS-00176

Rule Version

SLES-15-010510

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

To configure the SUSE operating system to run in FIPS mode, add "fips=1" to the kernel parameter during the SUSE operating system install.

Enabling FIPS mode on a preexisting system involves a number of modifications to the SUSE operating system. Refer to section 9.1, "Crypto Officer Guidance", of the following document for installation guidance:

http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp2435.pdf

Check Contents

Verify the SUSE operating system is running in FIPS mode by running the following command.

> cat /proc/sys/crypto/fips_enabled

1

If nothing is returned, the file does not exist, or the value returned is "0", this is a finding.

Vulnerability Number

V-234859

Documentable

False

Rule Version

SLES-15-010510

Severity Override Guidance

Verify the SUSE operating system is running in FIPS mode by running the following command.

> cat /proc/sys/crypto/fips_enabled

1

If nothing is returned, the file does not exist, or the value returned is "0", this is a finding.

Check Content Reference

M

Target Key

5274

Comments