Hi. Has anyone installed and ran Broadcom LSA 008.003.012.000 successfully under Rocky Linux 9.2? I am familiar with the installation steps. I can install and run LSA under Rocky Linux 8.8 and Ubuntu 20.04 LTS.
But it doesn’t work under 9.2. The installation log has this error
Edit: that’s unnecessarily broad of a change. As @jlehtone suggested below: update-crypto-policies --set DEFAULT:SHA1. Explicitly edited to ensure anyone stumbling on this post doesn’t follow my bad advice lol.
It might be possible to define a custom subpolicy that is more limited than the pre-defined SHA1 subpolicy (but still enough for the LSA). That, however, does not follow KISS.
The rhel-system-roles package makes Ansible playbook possible:
- hosts: all
roles:
role: rhel-system-roles.crypto_policies
vars:
crypto_policies_policy: "DEFAULT:SHA1"
Is that “more complicated” than just calling the update-crypto-policies? Yes, a bit, but then one has that detail of config in one additional place (in addition to .bash_history, good notes, and verbal communication from former colleagues).