RHEL 10 must have the "libreswan" package installed.

STIG ID: RHEL-10-200680  |  SRG: SRG-OS-000120-GPOS-00061 |  Severity: medium (CAT II)  |  CCI: CCI-000803 |  Vulnerability Id: V-280996

Vulnerability Discussion

Providing the ability for remote users or systems to initiate a secure virtual private network connection protects information when it is transmitted over a wide area network.

Check

Note: If there is no operational need for Libreswan to be installed, this rule is not applicable.

Verify RHEL 10 has the "libreswan" service package installed with the following command:

$ sudo dnf list --installed libreswan
Installed Packages
libreswan.x86_64 5.2-1.el10_0 @AppStream

If the "libreswan" package is not installed, this is a finding.

Fix

Configure RHEL 10 to have the "libreswan" service package installed with the following command:

$ sudo dnf -y install libreswan
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.