a841e184de
This patch updates the documentation for the developer notes associated with the Cat 2 (Medium) controls applied by the security role. Partial-bug: 1583744 Change-Id: Ic342f33942521db009185585a21208a4688f6ed3
16 lines
578 B
ReStructuredText
16 lines
578 B
ReStructuredText
The STIG requires SHA512 to be used for hashing password since it is
|
|
in the list of FIPS 140-2 approved hashing algorithms. This is also the
|
|
default in Ubuntu 14.04, Ubuntu 16.04, and CentOS 7.
|
|
|
|
The Ansible tasks will verify that the secure default is still set in
|
|
``/etc/login.defs``. If it has been altered, the playbook will fail
|
|
and display an error.
|
|
|
|
Further reading:
|
|
|
|
* `FIPS 140-2 on Wikipedia`_
|
|
* `FIPS 140-2 from NIST`_
|
|
|
|
.. _FIPS 140-2 on Wikipedia: https://en.wikipedia.org/wiki/FIPS_140-2
|
|
.. _FIPS 140-2 from NIST: http://csrc.nist.gov/groups/STM/cmvp/standards.html
|