Will a FIPS mode disabled RHEL server is an open vulnerable server from an attackers perspective? I came across a vendor who patch their servers for known vulnerability weekly, have MFA enabled and other security lockdown but FIPS mode disabled. Not just going with theories, but realistically, does having FIPS disabled on Linux kernel level (when they have secured boot enabled too) make them vulnerable?

Share This Discussion

1 Comment

  • Acceptable_Repeat908

    November 9, 2021

    They are not more vulnerable having FIPS disabled.

    There’s some good information as to why, including a lot of threads in this very sub in the past 6 months I think that have discussed this.

    Maybe Google: “FIPS mode” site:reddit.com

    Reply

Leave a Comment

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.