-
Story
-
Resolution: Done-Errata
-
Normal
-
rhel-9.5
-
crypto-policies-20240828-2.git626aa59.el9_5
-
1
-
rhel-sst-security-crypto
-
ssg_security
-
29
-
1
-
False
-
-
Yes
-
Crypto24Q3
-
Approved Exception
-
- when an open LUKS volume uses Argon, fips-mode-setup aborts
- when an open LUKS volume uses PBKDF2, fips-mode-setup proceeds"?
- there is no change when disk encryption is not used
-
Pass
-
Enabled
-
Automated
-
Enhancement
-
-
Done
-
None
If Argon2 is used as a KDF in LUKS, switching into FIPS mode will make a system unbootable starting from 9.5.
It's thus desireable to detect this scenario and block the switch in this case.
- is triggered by
-
RHEL-39003 unable to unlock encrypted disk after enabling FIPS mode
- Closed
- links to
-
RHBA-2024:129971 crypto-policies bug fix and enhancement update