On Wed, Feb 21, 2018 at 10:22 PM, Ben McGinnes <b...@adversary.org> wrote: >> And when you're on those certified, curated systems, you have >> access to tools like >> https://www.open-scap.org/resources/documentation/make-a-rhel7-server-compliant-with-pci-dss/ >> to help make sure you're in compliance, I think. > > open-scap.org is a RedHat service > and most likely only supplied to RHEL customers seeking PCI-DSS > compliance along with direct support via their service contract.
https://www.open-scap.org/download/ shows they provide an open source tool which is in repositories for four redhat-ish distros and two debian-ish distros; on Ubuntu, I was able to walk down the path of using it a bit, looks a bit rusty, but see https://github.com/OpenSCAP/scap-security-guide So it doesn't seem to be RHEL-only. (They have a value-added tool that is, of course.) - Dan _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
