Check crypto-policy

Overview

Checks the system’s current crypto policy against a desired one, and returns a warning on a non-match. If --policy is ommited, we suppose crypto policy is DEFAULT.

Fact Sheet

Check Plugin Download	https://github.com/Linuxfabrik/monitoring-plugins/tree/main/check-plugins/crypto-policy
Check Interval Recommendation	Every 15 minutes
Can be called without parameters	Yes
Compiled for	Linux

Help

usage: crypto-policy [-h] [-V] [--always-ok] [--policy CRYPTO_POLICY]

Checks the current crypto policy against a desired one, and returns a warning
on a non-match.

options:
  -h, --help            show this help message and exit
  -V, --version         show program's version number and exit
  --always-ok           Always returns OK.
  --policy CRYPTO_POLICY
                        The expected crypto policy (full name), for example
                        "FUTURE" (case-insensitive). Default: DEFAULT

Usage Examples

./crypto-policy --policy FUTURE

Output:

Crypto policy is "DEFAULT" (as expected).

States

WARN if crypto policy is not as expected.

Perfdata / Metrics

There is no perfdata.

Credits, License

Authors: Linuxfabrik GmbH, Zurich
License: The Unlicense, see LICENSE file.