Merge pull request #14550 from mrkanon/remove_ssh_crypto_policy_ol

Remove ssh_crypto_policy for OL9 and OL10  profiles

Author: Mab879

controls/ccn_ol9.yml

@@ -321,7 +321,7 @@ controls:
           - advanced
       status: automated
       rules:
-          - configure_ssh_crypto_policy
+          - configure_crypto_policy
 
     - id: A.5.SEC-OL7
       title: Network Session Inactivity is Controlled
@@ -655,7 +655,7 @@ controls:
       notes: |-
           It overlaps the rule in A.5.SEC-OL6 requirement
       related_rules:
-          - configure_ssh_crypto_policy
+          - configure_crypto_policy
 
     - id: A.11.SEC-OL7
       title: GUI Idle Time is Limited

products/ol10/profiles/e8.profile

@@ -33,3 +33,4 @@ selections:
     # authselect is enabled by default
     - '!enable_authselect'
     - var_authselect_profile=local
+    - '!configure_ssh_crypto_policy'

products/ol10/profiles/hipaa.profile

@@ -61,6 +61,7 @@ selections:
     - '!sshd_disable_kerb_auth'
     - '!sshd_disable_gssapi_auth'
     - '!service_rlogin_disabled'
+    - '!configure_ssh_crypto_policy'
 
     # authselect is enabled by default
     - '!enable_authselect'

products/ol10/profiles/ism_o.profile

@@ -75,6 +75,7 @@ selections:
     - '!accounts_password_all_shadowed'
     - '!usbguard_allow_hid_and_hub'
     - '!sshd_allow_only_protocol2'
+    - '!configure_ssh_crypto_policy'
 
     # Older rules, no longer needed
     - '!security_patches_up_to_date'

products/ol10/profiles/ism_o_secret.profile

@@ -76,6 +76,7 @@ selections:
     - "!usbguard_allow_hid_and_hub"
     - "!sshd_allow_only_protocol2"
     - var_authselect_profile=local
+    - "!configure_ssh_crypto_policy"
 
     # Needed for references in other products
     - '!security_patches_up_to_date'

products/ol10/profiles/ism_o_top_secret.profile

@@ -76,6 +76,7 @@ selections:
     - "!usbguard_allow_hid_and_hub"
     - "!sshd_allow_only_protocol2"
     - var_authselect_profile=local
+    - "!configure_ssh_crypto_policy"
 
     # Needed for references in other products
     - '!security_patches_up_to_date'

products/ol10/profiles/ospp.profile

@@ -65,3 +65,4 @@ selections:
     - '!zipl_page_alloc_shuffle_argument'
     - '!zipl_systemd_debug-shell_argument_absent'
     - var_authselect_profile=local
+    - '!configure_ssh_crypto_policy'

products/ol10/profiles/pci-dss.profile

@@ -77,3 +77,4 @@ selections:
     #  Irrelevant for ol10
     - '!enable_dconf_user_profile'
     - var_authselect_profile=local
+    - '!configure_ssh_crypto_policy'

products/ol9/profiles/e8.profile

@@ -27,3 +27,4 @@ selections:
     - '!package_talk_removed'
     - '!package_talk-server_removed'
     - '!ensure_redhat_gpgkey_installed'
+    - '!configure_ssh_crypto_policy'

products/ol9/profiles/hipaa.profile

@@ -89,3 +89,4 @@ selections:
     - "!sshd_use_approved_ciphers"
     - "!sshd_use_approved_macs"
     - "!sshd_use_priv_separation"
+    - "!configure_ssh_crypto_policy"