Amazon Linux 2023 must enable FIPS mode.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
high	V-274057	SRG-OS-000033-GPOS-00014	AZLX-23-001280	SV-274057r1120159_rule	2025-11-20	1

Description
Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. Amazon Linux 2023 must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated. Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPOS-00176, SRG-OS-000423-GPOS-00187, SRG-OS-000478-GPOS-00223

Description

Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. Amazon Linux 2023 must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated. Satisfies: SRG-OS-000033-GPOS-00014, SRG-OS-000125-GPOS-00065, SRG-OS-000396-GPOS-00176, SRG-OS-000423-GPOS-00187, SRG-OS-000478-GPOS-00223

ℹ️ Check
Verify Amazon Linux 2023 is in FIPS mode with the following command: $ sudo fips-mode-setup --check FIPS mode is enabled. If FIPS mode is not enabled, this is a finding.

✔️ Fix
Configure Amazon Linux 2023 to implement FIPS mode with the following commands: $ sudo fips-mode-setup --enable Reboot the system for the changes to take effect.