Documentation - V-273995

V-273995

Amazon Linux 2023 Security Technical Implementation Guide

CAT II

Title

Amazon Linux 2023 must ensure cryptographic verification of vendor software packages.

Description

<VulnDiscussion>Cryptographic verification of vendor software packages ensures that all software packages are obtained from a valid source and protects against spoofing that could lead to installation of malware on the system. Amazon Linux cryptographically signs all software packages, which includes updates, with a GPG key to Verify they are valid.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><Seve...

Fix Text (Documentation Requirement)

Configure Amazon Linux 2023 to have the public key for verifying RPM packages to be installed with the "system-release" package. Install the system-release installation with the following command: $ sudo dnf install -y system-release Ensure cryptographic verification of software packages is enabled by editing /etc/dnf/dnf.conf and under '[main]' in the configuration file add: gpgcheck=1

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel