Check: RHEL-08-010472
RHEL 8 STIG:
RHEL-08-010472
(in versions v1 r14 through v1 r3)
Title
RHEL 8 must have the packages required to use the hardware random number generator entropy gatherer service. (Cat III impact)
Discussion
The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems. The rngd service feeds random data from hardware device to kernel random device. Quality (non-predictable) random number generation is important for several security functions (i.e., ciphers).
Check Content
Check that RHEL 8 has the packages required to enabled the hardware random number generator entropy gatherer service with the following command: $ sudo yum list installed rng-tools rng-tools.x86_64 6.8-3.el8 @anaconda If the "rng-tools" package is not installed, this is a finding.
Fix Text
Install the packages required to enabled the hardware random number generator entropy gatherer service with the following command: $ sudo yum install rng-tools
Additional Identifiers
Rule ID: SV-244527r743830_rule
Vulnerability ID: V-244527
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |