RHEL-9-V2R6:OpenSCAP profile V2R5 expects different MAC order than STIG benchmark V2R6 specifies

#### Description of problem:
DISA STIG  requires configuring SSH Server to use FIPS 140-3 Validated MACs, but OpenSCAP audit logic expects a different MAC order than what the current STIG benchmark V2R6 specifies


#### Details:
OpenSCAP profile V2R5 expects MACs in order '256-etm,512-etm' but STIG benchmark specifies STIG.pmod with 'mac@SSH=HMAC-SHA2-512 HMAC-SHA2-256

The misalignment affects this profile:

RHEL-09 V2R1-V2R6 STIG
The misalignment affects this rule:

RHEL-09-255075
Outcome:
The OpenSCAP tests are corrected to look for the correct audit rule

SCAP Security Guide Version: https://github.com/ComplianceAsCode/content/releases/tag/v0.1.79



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

RHEL-9-V2R6:OpenSCAP profile V2R5 expects different MAC order than STIG benchmark V2R6 specifies #14599

Description of problem:

Details:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

RHEL-9-V2R6:OpenSCAP profile V2R5 expects different MAC order than STIG benchmark V2R6 specifies #14599

Description

Description of problem:

Details:

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions