RHEL 9 must have the rng-tools package installed.

STIG ID: RHEL-09-215090  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: medium |  CCI: CCI-000366 |  Vulnerability Id: V-257841

Vulnerability Discussion

"rng-tools" provides hardware random number generator tools, such as those used in the formation of x509/PKI certificates.

Check

Verify that RHEL 9 has the rng-tools package installed with the following command:

$ sudo dnf list --installed rng-tools

Example output:

rng-tools.x86_64 6.14-2.git.b2b7934e.el9

If the "rng-tools" package is not installed, this is a finding.

Fix

The rng-tools package can be installed with the following command:

$ sudo dnf install rng-tools