SSH

Enabling FIPS 140-2 Mode

Enabling FIPS Mode Using Configuration GUI
Enabling FIPS Mode Using Configuration File
FIPS-Certified Cryptographic Library

You can enable Tectia ConnectSecure to operate in FIPS mode after which all cryptographic operations are run according to the FIPS 140-2 standard.

In FIPS mode, OpenSSL cryptographic libary is used for all cryptographic operations, see FIPS-Certified Cryptographic Library. In Standard mode, Tectia proprietary cryptographic library is used for all cryptographic operations.

[Note]Note

In FIPS mode, due to a FIPS regulation which forbids exporting unencrypted private keys out of the FIPS module, it is not possible to generate user keys without a passphrase.