documentation_complete: true


title: 'Use Only FIPS 140-2 Validated MACs'

description: |-
    Limit the MACs to those hash algorithms which are FIPS-approved.
    The following line in <tt>/etc/ssh/sshd_config</tt>
    demonstrates use of FIPS-approved MACs:
{{% if product in ["sle12", "sle15", "slmicro5", "slmicro6"] %}}
    <pre>MACs hmac-sha2-512,hmac-sha2-256</pre>
{{% else %}}
    <pre>MACs hmac-sha2-512,hmac-sha2-256,hmac-sha1</pre>
{{% endif %}}
    The man page <tt>sshd_config(5)</tt> contains a list of supported MACs.
{{% if product in ["ol7"] %}}
    <br /><br />
    Only the following message authentication codes are FIPS 140-2 certified on {{{ full_name }}}:
    <br />- hmac-sha1
    <br />- hmac-sha2-256
    <br />- hmac-sha2-512
    <br />- hmac-sha1-etm@openssh.com
    <br />- hmac-sha2-256-etm@openssh.com
    <br />- hmac-sha2-512-etm@openssh.com
    <br /><br />
    Any combination of the above MACs will pass this check. Official FIPS 140-2 paperwork for
    {{{ full_name }}} can be found at
    {{% if product == "ol7" %}}
    {{{ weblink(link="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3028.pdf") }}}
    {{% else %}}
    {{{ weblink(link="http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp2630.pdf") }}}
    {{% endif %}}
{{% endif %}}
    The rule is parametrized to use the following MACs: <code>{{{ xccdf_value("sshd_approved_macs") }}}</code>.

rationale: |-
    FIPS-approved cryptographic hash functions are required to be used.
    The only SSHv2 hash algorithms meeting this requirement is SHA2.

severity: medium

identifiers:
    cce@rhel8: CCE-82198-3
    cce@sle12: CCE-83036-4
    cce@sle15: CCE-91338-4
    cce@slmicro5: CCE-93691-4
    cce@slmicro6: CCE-94680-6

references:
    cis-csc: 1,12,13,15,16,5,8
    cis@sle12: 5.2.14
    cis@sle15: 5.2.14
    cobit5: APO01.06,APO13.01,DSS01.04,DSS05.02,DSS05.03,DSS05.04,DSS05.07,DSS06.02,DSS06.03
    cui: 3.1.13,3.13.11,3.13.8
    hipaa: 164.308(b)(1),164.308(b)(2),164.312(e)(1),164.312(e)(2)(i),164.312(e)(2)(ii),164.314(b)(2)(i)
    isa-62443-2009: 4.3.3.5.1,4.3.3.6.6
    isa-62443-2013: 'SR 1.1,SR 1.13,SR 1.2,SR 1.3,SR 1.4,SR 1.5,SR 1.7,SR 1.8,SR 1.9,SR 2.6,SR 3.1,SR 3.5,SR 3.8,SR 4.1,SR 4.3,SR 5.1,SR 5.2,SR 5.3,SR 7.1,SR 7.6'
    iso27001-2013: A.10.1.1,A.11.1.4,A.11.1.5,A.11.2.1,A.11.2.6,A.13.1.1,A.13.1.3,A.13.2.1,A.13.2.3,A.13.2.4,A.14.1.2,A.14.1.3,A.6.1.2,A.6.2.1,A.6.2.2,A.7.1.1,A.7.1.2,A.7.3.1,A.8.2.2,A.8.2.3,A.9.1.1,A.9.1.2,A.9.2.1,A.9.2.2,A.9.2.3,A.9.2.4,A.9.2.6,A.9.3.1,A.9.4.1,A.9.4.2,A.9.4.3,A.9.4.4,A.9.4.5
    nist: CM-6(a),AC-17(a),AC-17(2),SC-13,MA-4(6),SC-12(2),SC-12(3)
    nist-csf: PR.AC-1,PR.AC-3,PR.DS-5,PR.PT-4
    srg: SRG-OS-000125-GPOS-00065,SRG-OS-000250-GPOS-00093,SRG-OS-000394-GPOS-00174
    stigid@sle12: SLES-12-030180
    stigid@sle15: SLES-15-010270

ocil_clause: 'MACs option is commented out or not using FIPS-approved hash algorithms'

ocil: |-
    Only FIPS-approved MACs should be used. To verify that only FIPS-approved
    MACs are in use, run the following command:
    <pre>$ sudo grep -i macs /etc/ssh/sshd_config</pre>
    The output should contain only those MACs which are FIPS-approved. Any use of other
    ciphers or algorithms will result in the module entering the non-FIPS mode of
    operation.

warnings:
    - general: |-
        The system needs to be rebooted for these changes to take effect.
    - regulatory: |-
        System Crypto Modules must be provided by a vendor that undergoes
        FIPS-140 certifications.
        FIPS-140 is applicable to all Federal agencies that use
        cryptographic-based security systems to protect sensitive information
        in computer and telecommunication systems (including voice systems) as
        defined in Section 5131 of the Information Technology Management Reform
        Act of 1996, Public Law 104-106. This standard shall be used in
        designing and implementing cryptographic modules that Federal
        departments and agencies operate or are operated for them under
        contract. See <b>{{{ weblink(link="https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.140-2.pdf") }}}</b>
        To meet this, the system has to have cryptographic software provided by
        a vendor that has undergone this certification. This means providing
        documentation, test results, design information, and independent third
        party review by an accredited lab. While open source software is
        capable of meeting this, it does not meet FIPS-140 unless the vendor
        submits to this process.