CCE-90970-5Platform: rhel7 | Date: (C)2017-06-29 (M)2022-10-10 |
Encrypt Partitions
Red Hat Enterprise Linux 7 natively supports partition encryption through the
Linux Unified Key Setup-on-disk-format (LUKS) technology. The easiest way to
encrypt a partition is during installation time.
For manual installations, select the 'Encrypt' checkbox during
partition creation to encrypt the partition. When this
option is selected the system will prompt for a passphrase to use in
decrypting the partition. The passphrase will subsequently need to be entered manually
every time the system boots.
For automated/unattended installations, it is possible to use Kickstart by adding
the '--encrypted' and '--passphrase=' options to the definition of each partition to be
encrypted. For example, the following line would encrypt the root partition:
'part / --fstype=ext4 --size=100 --onpart=hda1 --encrypted --passphrase=PASSPHRASE'
Any
Parameter:
Technical Mechanism:
The risk of a system's physical compromise, particularly mobile systems such as
laptops, places its data at risk of compromise. Encrypting this data mitigates
the risk of its loss if the system is lost.
Fix:
No Remediation Info
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: