Comment 10 for bug 1963834

Yes, managing the configurations for the huge variety of cryptography toolkits on a Linux system is definitely something of a chore. It would be nice to give people one command they could use to return to unsafe-but-compatible cryptography -- or enforce only modern cryptography.

Our friends at Red Hat have prepared https://gitlab.com/redhat-crypto/fedora-crypto-policies -- while a version of this is packaged: https://launchpad.net/ubuntu/+source/crypto-policies -- I don't believe it actually works on Ubuntu: https://bugs.launchpad.net/ubuntu/+source/crypto-policies/+bug/1926664

Maybe someday.

Thanks