Security
System-wide crypto policy
In the Enterprise IT, the security landscape is constantly evolving. Without robust cryptographic integrity protections, information can be altered by unauthorized users without detection. With Red Hat Enterprise Linux 8.0 the system-wide crypto policy was introduced. This component configures the core cryptographic subsystems, covering TLS, IPSec, DNSSec, Kerberos, and secure communication protocols. This allows to apply a consistent cryptographic policy at scale. The predefined policies are DEFAULT, LEGACY, FUTURE, FIPS. The default system-wide crypto policy is set to DEFAULT by Red Hat. Beside the vendor-specific policies, it is possible to specify customized crypto policies.
More information here: System-wide crypto policies
Swisscom crypto policy for RHEL 8 and RHEL 9
On Managed RHEL 8 and Managed RHEL 9 VMs, the SWISSCOM customized crypto policy is enabled and enforced with Ansible. You can check the enabled crypto policy by using the update-crypto-policies tool:
$ update-crypto-policies --show
SWISSCOM
The table below shows the relevant differences between the SWISSCOM and the vendor-specific DEFAULT crypto policy. The enabled SWISSCOM crypto policy is a conservative policy for today’s security standards. It allows the TLS 1.2 and 1.3 protocols, as well as IKEv2 and SSH2. The RSA and Diffie-Hellman parameters are accepted if larger than 2047 respectively 3071 bits. The policy provides at least 128-bit security, except for SHA-1 signatures needed for DNSSec and other still prevalent legacy use of SHA-1 signatures.
| SWISSCOM Policy | DEFAULT Policy RHEL 8 | DEFAULT Policy RHEL 9 | |
|---|---|---|---|
| TLS v1.0 | no | no | no |
| TLS v1.1 | no | no | no |
| TLS v1.2 | yes | yes | yes |
| TLS v1.3 | yes | yes | yes |
| Internet Key Exchange (IKE) v1 | no | no | no |
| Internet Key Exchange (IKE) v2 | yes | yes | yes |
| Diffie-Hellman (DH) key size | min. 2048-bit | min. 2048-bit | min. 2048-bit |
| DSA key size | min. 3072-bit | min. 2048-bit | N/A (no DSA) |
| RSA key size | min. 3072-bit | min. 2048-bit | min. 2048-bit |
| SHA-1 in digital signatures | yes | yes | no |
| OpenSSH certificate authentication | yes | yes | yes |
| OpenSSH EtM (encrypt-then-mac) extension | yes | yes | yes |
| Message Authentication Code (MAC) | all HMAC with SHA-256 or better | all HMAC with SHA-1 or better | all HMAC with SHA-1 or better |
| Cryptographic hash | all with SHA-256 hash or better | all with SHA-1 hash or better | all with SHA-224 hash or better (no DSA) |
| Signature algorithm | all with SHA-256 hash or better (no DSA) | all with SHA-1 hash or better (no DSA) | all with SHA-224 hash or better (no DSA) |
| Key exchange algorithm | ECDHE, RSA, DHE, DHE-RSA | ECDHE, RSA, DHE, DHE-RSA, PSK, DHE-PSK, ECDHE-PSK, ECDHE-GSS, DHE-GSS | ECDHE, RSA, DHE (no DHE-DSS) |
| TLS ciphers | min. 256-bit key, min. 128-bit block, including AES, ChaCha20, AES-CBC | min. 128-bit key, min. 128-bit block, including AES, ChaCha20, AES-CBC | min. 128-bit key, min. 128-bit block (AES, ChaCha20) |
| Non-TLS ciphers | same as TLS ciphers with added Camellia | same as TLS ciphers with added Camellia | min. 128-bit key, min. 128-bit block (AES, ChaCha20) |
| Groups or elliptic curves | all prime >= 255 bits (including Bernstein curves) | all prime >= 255 bits (including Bernstein curves) | all prime >= 255 bits (including Bernstein curves) |
Exception for Crypto policies
If you have an approved security exception and you want to customize the SWISSCOM crypto policy this is documented in this howto-article.
Controlling access to crontab command for users
On Managed RHEL the OS hardening blocks users to perform crontab command tasks such as creating, editing, displaying, or removing their own crontab files. To allow this for a specific user the username must be added to the file /etc/cron.allow
$ echo <username> |sudo tee -a /etc/cron.allow