Chapter 8. Security

8.1. Changes in core cryptographic components

8.1.1. System-wide cryptographic policies are applied by default

Crypto-policies is a component in Red Hat Enterprise Linux 8, which configures the core cryptographic subsystems, covering the TLS, IPsec, DNSSEC, Kerberos protocols, and the OpenSSH suite. It provides a small set of policies, which the administrator can select using the update-crypto-policies command.

The DEFAULT system-wide cryptographic policy offers secure settings for current threat models. It allows the TLS 1.2 and 1.3 protocols, as well as the IKEv2 and SSH2 protocols. The RSA keys and Diffie-Hellman parameters are accepted if larger than 2047 bits.

See the Consistent security by crypto policies in Red Hat Enterprise Linux 8 article on the Red Hat Blog and the update-crypto-policies(8) man page for more information.

8.1.2. Strong crypto defaults by removing insecure cipher suites and protocols

The following list contains cipher suites and protocols removed from the core cryptographic libraries in RHEL 8. They are not present in the sources, or their support is disabled during the build, so applications cannot use them.

  • DES (since RHEL 7)
  • All export grade cipher suites (since RHEL 7)
  • MD5 in signatures (since RHEL 7)
  • SSLv2 (since RHEL 7)
  • SSLv3 (since RHEL 8)
  • All ECC curves < 224 bits (since RHEL 6)
  • All binary field ECC curves (since RHEL 6)

8.1.3. Cipher suites and protocols disabled in all policy levels

The following cipher suites and protocols are disabled in all crypto policy levels. They can be enabled only by an explicit configuration of individual applications.

  • DH with parameters < 1024 bits
  • RSA with key size < 1024 bits
  • Camellia
  • ARIA
  • SEED
  • IDEA
  • Integrity-only cipher suites
  • TLS CBC mode cipher suites using SHA-384 HMAC
  • AES-CCM8
  • All ECC curves incompatible with TLS 1.3, including secp256k1
  • IKEv1 (since RHEL 8)

8.1.4. Switching the system to FIPS mode

The system-wide cryptographic policies contain a policy level that enables cryptographic modules self-checks in accordance with the requirements by Federal Information Processing Standard (FIPS) Publication 140-2. The fips-mode-setup tool that enables or disables FIPS mode internally uses the FIPS system-wide cryptographic policy level.

To switch the system to FIPS mode in RHEL 8, enter the following command and restart your system:

# fips-mode-setup --enable

See the fips-mode-setup(8) man page for more information.

8.1.5. TLS 1.0 and TLS 1.1 are deprecated

The TLS 1.0 and TLS 1.1 protocols are disabled in the DEFAULT system-wide cryptographic policy level. If your scenario, for example, a video conferencing application in the Firefox web browser, requires using the deprecated protocols, switch the system-wide cryptographic policy to the LEGACY level:

# update-crypto-policies --set LEGACY

For more information, see the Strong crypto defaults in RHEL 8 and deprecation of weak crypto algorithms Knowledgebase article on the Red Hat Customer Portal and the update-crypto-policies(8) man page.

8.1.6. TLS 1.3 support in cryptographic libraries

This update enables Transport Layer Security (TLS) 1.3 by default in all major back-end crypto libraries. This enables low latency across the operating system communications layer and enhances privacy and security for applications by taking advantage of new algorithms, such as RSA-PSS or X25519.

8.1.7. DSA is deprecated in RHEL 8

The Digital Signature Algorithm (DSA) is considered deprecated in Red Hat Enterprise Linux 8. Authentication mechanisms that depend on DSA keys do not work in the default configuration. Note that OpenSSH clients do not accept DSA host keys even in the LEGACY system-wide cryptographic policy level.

8.1.8. SSL2 Client Hello has been deprecated in NSS

The Transport Layer Security (TLS) protocol version 1.2 and earlier allow to start a negotiation with a Client Hello message formatted in a way that is backward compatible with the Secure Sockets Layer (SSL) protocol version 2. Support for this feature in the Network Security Services (NSS) library has been deprecated and it is disabled by default.

Applications that require support for this feature need to use the new SSL_ENABLE_V2_COMPATIBLE_HELLO API to enable it. Support for this feature may be removed completely in future releases of Red Hat Enterprise Linux 8.

8.1.9. NSS now use SQL by default

The Network Security Services (NSS) libraries now use the SQL file format for the trust database by default. The DBM file format, which was used as a default database format in previous releases, does not support concurrent access to the same database by multiple processes and it has been deprecated in upstream. As a result, applications that use the NSS trust database to store keys, certificates, and revocation information now create databases in the SQL format by default. Attempts to create databases in the legacy DBM format fail. The existing DBM databases are opened in read-only mode, and they are automatically converted to the SQL format. Note that NSS support the SQL file format since Red Hat Enterprise Linux 6.

8.2. SSH

8.2.1. OpenSSH rebased to version 7.8p1

The openssh packages have been upgraded to upstream version 7.8p1. Notable changes include:

  • Removed support for the SSH version 1 protocol.
  • Removed support for the hmac-ripemd160 message authentication code.
  • Removed support for RC4 (arcfour) ciphers.
  • Removed support for Blowfish ciphers.
  • Removed support for CAST ciphers.
  • Changed the default value of the UseDNS option to no.
  • Disabled DSA public key algorithms by default.
  • Changed the minimal modulus size for Diffie-Hellman parameters to 2048 bits.
  • Changed semantics of the ExposeAuthInfo configuration option.
  • The UsePrivilegeSeparation=sandbox option is now mandatory and cannot be disabled.
  • Set the minimal accepted RSA key size to 1024 bits.

8.2.2. libssh implements SSH as a core cryptographic component

This change introduces libssh as a core cryptographic component in Red Hat Enterprise Linux 8. The libssh library implements the Secure SHell (SSH) protocol.

Note that libssh does not comply with the system-wide crypto policy.

8.2.3. libssh2 is not available in RHEL 8

The deprecated libssh2 library misses features, such as support for elliptic curves or Generic Security Service Application Program Interface (GSSAPI), and it has been removed from RHEL 8 in favor of libssh

8.3. Rsyslog

8.3.1. The default rsyslog configuration file format is now non-legacy

The configuration files in the rsyslog packages now use the non-legacy format by default. The legacy format can be still used, however, mixing current and legacy configuration statements has several constraints. Configurations carried from previous RHEL releases should be revised. See the rsyslog.conf(5) man page for more information.

8.3.2. The imjournal option and configuring system logging with minimized journald usage

To avoid duplicate records that might appear when journald rotated its files, the imjournal option has been added. Note that use of this option can affect performance.

Note that the system with rsyslog can be configured to provide better performance as described in the Configuring system logging without journald or with minimized journald usage Knowledgebase article.

8.3.3. Negative effects of the default logging setup on performance

The default logging environment setup might consume 4 GB of memory or even more and adjustments of rate-limit values are complex when systemd-journald is running with rsyslog.

See the Negative effects of the RHEL default logging setup on performance and their mitigations Knowledgebase article for more information.

8.4. OpenSCAP

8.4.1. OpenSCAP API consolidated

This update provides OpenSCAP shared library API that has been consolidated. 63 symbols have been removed, 14 added, and 4 have an updated signature. The removed symbols in OpenSCAP 1.3.0 include:

  • symbols that were marked as deprecated in version 1.2.0
  • SEAP protocol symbols
  • internal helper functions
  • unused library symbols
  • unimplemented symbols

8.4.2. A utility for security and compliance scanning of containers is not available

In Red Hat Enterprise Linux 7, the oscap-docker utility can be used for scanning of Docker containers based on Atomic technologies. In Red Hat Enterprise Linux 8, the Docker- and Atomic-related OpenSCAP commands are not available. As a result, oscap-docker or an equivalent utility for security and compliance scanning of containers is not available in RHEL 8 at the moment.

8.5. Audit

8.5.1. Audit 3.0 replaces audispd with auditd

With this update, functionality of audispd has been moved to auditd. As a result, audispd configuration options are now part of auditd.conf. In addition, the plugins.d directory has been moved under /etc/audit. The current status of auditd and its plug-ins can now be checked by running the service auditd state command.

8.6. SELinux

8.6.1. New SELinux booleans

This update of the SELinux system policy introduces the following booleans:

  • colord_use_nfs
  • mysql_connect_http
  • pdns_can_network_connect_db
  • ssh_use_tcpd
  • sslh_can_bind_any_port
  • sslh_can_connect_any_port
  • virt_use_pcscd

To get a list of booleans including their meaning, and to find out if they are enabled or disabled, install the selinux-policy-devel package and use:

# semanage boolean -l

8.6.2. SELinux packages migrated to Python 3

The functionality of the libselinux-python package is now provided by the python3-libselinux package, and the policycoreutils-python has been replaced by the policycoreutils-python-utils and python3-policycoreutils packages.

8.7. Removed security functionality

8.7.1. shadow-utils no longer allow all-numeric user and group names

The useradd and groupadd commands disallow user and group names consisting purely of numeric characters. The reason for not allowing such names is that this can confuse potentially many tools that work with user and group names and user and group ids (which are numbers). Please note that the all-numeric user and group names are deprecated in Red Hat Enterprise Linux 7 and their support is completely removed in Red Hat Enterprise Linux 8.

8.7.2. securetty is now disabled by default

Because of the dynamic nature of tty device files on modern Linux systems, the securetty PAM module has been disabled by default and the /etc/securetty configuration file is no longer included in RHEL. Since /etc/securetty listed many possible devices so that the practical effect in most cases was to allow by default, this change has only a minor impact. However, if you use a more restrictive configuration, you need to add a line enabling the pam_securetty.so module to the appropriate files in the /etc/pam.d directory, and create a new /etc/securetty file.

8.7.3. The Clevis HTTP pin has been removed

The Clevis HTTP pin has been removed from RHEL 8, and the clevis encrypt http sub-command is no longer available.

8.7.4. Coolkey has been removed

The Coolkey driver for smart cards has been removed from RHEL 8, and OpenSC now provides its functionality.

8.7.5. crypto-utils have been removed

The crypto-utils packages have been removed from RHEL 8. You can use tools provided by the openssl, gnutls-utils, and nss-tools packages instead.

8.7.6. KLIPS has been removed from Libreswan

In Red Hat Enterprise Linux 8, support for Kernel IP Security (KLIPS) IPsec stack has been removed from Libreswan.