February 2020
Intermediate to advanced
666 pages
15h 45m
English
Content preview from Mastering Linux Security and Hardening - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Setting system-wide encryption policies on RHEL 8/CentOS 8
In Chapter 5, Encryption Technologies, we briefly looked at how to set system-wide encryption policies on CentOS 8. With this brand-new feature, you no longer have to configure crypto policies for each individual daemon. Instead, you just run a couple of simple commands, and the policy is instantly changed for multiple daemons. To see which daemons are covered, look in the /etc/crypto-policies/back-ends/ directory. Here's a partial view of what's there:
[donnie@localhost back-ends]$ ls -ltotal 0. . .. . .lrwxrwxrwx. 1 root root 46 Sep 24 18:17 openssh.config -> /usr/share/crypto-policies/DEFAULT/openssh.txtlrwxrwxrwx. 1 root root 52 Sep 24 18:17 opensshserver.config -> /usr/share/crypto-policies/DEFAULT/opensshserver.txt ...