STIGhubSTIGhub
STIGhub— A free STIG search and compliance tool·STIGs updated 3 hours ago
Powered by Pylon·Privacy·Terms·Feedback·© 2026 Beacon Cloud Solutions, Inc.
← Back to SUSE Linux Enterprise Server 15 Security Technical Implementation Guide

V-284950

CAT I (High)

The SUSE operating system must have the crypto-policies package installed.

Rule ID

SV-284950r1208919_rule

STIG

SUSE Linux Enterprise Server 15 Security Technical Implementation Guide

Version

V2R8

CCIs

CCI-002450

Discussion

Centralized cryptographic policies simplify applying secure ciphers across an operating system and the applications that run on that operating system. Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. SLES15 does not use the unified crypto-policies framework by default, and the crypto-policies-scripts package will need to be installed to use the framework. Satisfies: SRG-OS-000396-GPOS-00176, SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174

Check Content

Verify that the SUSE operating system uses the crypto-policies framework.

Verify that the crypto-policies packages are installed with the following command:

> sudo zypper se crypto-policies
Loading repository data...
Reading installed packages...

S  | Name                    | Summary                                | Type
---+-------------------------+----------------------------------------+--------
i  | crypto-policies         | System-wide crypto policies            | package
i+ | crypto-policies-scripts | Tool to switch between crypto policies | package

If both "crypto-policies" and "crypto-policies-scripts" are not installed, this is a finding.

Fix Text

Configure the SUSE operating system to use the crypto-policies framework.

Install the crypto-policies packages (if the package is not already installed) with the following command:

> sudo zypper install crypto-policies
> sudo zypper install crypto-policies-scripts