Oracle Linux: FIPS 140-2 Approved HMACs Conflicts with DISA STIG Compliance
(Doc ID 2880653.1)
Last updated on SEPTEMBER 23, 2024
Applies to:
Linux OS - Version Oracle Linux 7.9 and laterLinux x86-64
Goal
FIPS 140-2 approved HMACs consist of the following as per the following document:
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4176.pdf
- hmac-sha1
- hmac-sha2-256
- hmac-sha2-512
- hmac-sha1-etm@openssh.com
- hmac-sha2-256-etm@openssh.com
- hmac-sha2-512-etm@openssh.com
In which DISA STIG Compliance would fail if the following HMACs is included:
- hmac-sha1-etm@openssh.com
- hmac-sha2-256-etm@openssh.com
- hmac-sha2-512-etm@openssh.com
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Goal |
Solution |
References |