Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: rhel-9.1.0
Component/s: scap-security-guide
Labels:
- MigratedToJIRA
- Triaged

Reset contact to default:

Assignee, Qa Contact, Doc Contact, Pool Team, Watchers, Developer
Bugzilla Bug:
RHBZ: 2192832

Pool Team:

sst_security_compliance
Sub-System Group:

ssg_security

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Docs Impact:
Unspecified

Release Note Type:
No Doc Update

Architecture:

Unspecified

SFDC Cases Counter:
SFDC Cases Links:

Description

Description of problem:
When applying CIS Level 2 - Server security profile during RHEL 9.1 installation the password encryption algorithm is configured twice and it's unclear which one would be used:

password sufficient pam_unix.so yescrypt shadow use_authtok sha512

This should obviously read (when sha512 is wanted):

password sufficient pam_unix.so sha512 shadow use_authtok

Version-Release number of selected component (if applicable):
RHEL 9.1

Attachments

Issue Links

external trackers

Red Hat Issue Tracker RHELPLAN-156280

Activity

People

Assignee:: Vojtech Polasek

Reporter:: Marko Myllynen

Developer:: Vojtech Polasek

QA Contact:: SSG Security QE

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 6 days ago 2:01 PM

Updated:: 6 days ago 2:29 PM