diff --git a/roles/rkhunter/templates/rkhunter.conf.j2 b/roles/rkhunter/templates/rkhunter.conf.j2
index d959888f2e..baa57f24ee 100644
--- a/roles/rkhunter/templates/rkhunter.conf.j2
+++ b/roles/rkhunter/templates/rkhunter.conf.j2
@@ -326,6 +326,14 @@ ALLOWHIDDENFILE=/usr/bin/.ssh-keyscan.hmac
 ALLOWHIDDENFILE=/usr/bin/.ssh-keygen.hmac
 ALLOWHIDDENFILE=/usr/bin/.ssh.hmac
 ALLOWHIDDENFILE=/usr/bin/.fipscheck.hmac
+{% if ansible_distribution_version|int > 27 %}
+# In Fedora 28+ there's a new package for dracut that does the FIPs stuff
+ALLOWHIDDENFILE=/usr/bin/.sha1hmac.hmac
+ALLOWHIDDENFILE=/usr/bin/.sha224hmac.hmac
+ALLOWHIDDENFILE=/usr/bin/.sha256hmac.hmac
+ALLOWHIDDENFILE=/usr/bin/.sha384hmac.hmac
+ALLOWHIDDENFILE=/usr/bin/.sha512hmac.hmac
+{% endif %}
 ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
 ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
 ALLOWHIDDENFILE=/usr/share/man/man5/.k5identity.5.gz