SSH

Enabling FIPS Mode Using Configuration File

To enable FIPS mode on Unix:

  1. Open the Connection Broker configuration file ssh-broker-config.xml that you want to modify (see the section called “Connection Broker Files”.

  2. Under the general element, modify the crypto-lib element by settings its value to fips.

  3. Ensure that the cryptographic algorithms defined in the configuration file for the default-settings element and the profiles element are compatible with FIPS mode. For FIPS-compatible algorithms, see ciphers, macs and kexs.

  4. Save the configuration file and reload the file to Connection Broker.