Enabling FIPS Mode
SSH Tectia Server can be operated in FIPS mode, using a version of the
cryptographic library that has been certified according to the Federal
Information Processing Standard (FIPS). In this mode the cryptographic
operations are performed according to the rules of the FIPS 140-2 certification
standard.
The software uses standard libraries by default; the FIPS 140-2 certified libraries
are available separately. If the FIPS-certified cryptographic library has been
enabled, SSH Tectia Server will detect and use it automatically.
For a list of platforms on which the FIPS library has been validated or
tested, see SSH Tectia Client/Server Product Description.
You can check the library you have by running the following command with
no arguments:
# /usr/local/sbin/ssh-crypto-library-chooser
You can enable the fips mode (or the std mode) by giving the mode as
argument:
# /usr/local/sbin/ssh-crypto-library-chooser fips
Specifying an invalid mode (for example, fips for platforms that do not
have it) returns 1 and prints an error message.
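
The following is an added example, not part of the SSH Tectia documentation or tooling: a fail-closed wrapper for provisioning scripts that stops a rollout when the chooser rejects fips mode. The function names, the CHOOSER override variable and the wrapper's own return codes are hypothetical, and it assumes the chooser exits with status 0 on success (the page documents only the status 1 failure case).

```shell
#!/bin/sh
# Added example: fail-closed wrapper around the chooser command from this page.
# CHOOSER may be overridden for testing; the default is the path the page gives.
CHOOSER="${CHOOSER:-/usr/local/sbin/ssh-crypto-library-chooser}"

# set_crypto_mode MODE
# Returns: 0 mode accepted (assumes the chooser exits 0 on success),
#          2 bad argument, 3 chooser not found,
#          4 chooser rejected the mode (exit status 1, as documented),
#          5 any other chooser failure.
# These return codes are this example's own convention (hypothetical).
set_crypto_mode() {
    mode="$1"
    case "$mode" in
        fips|std) ;;
        *) echo "set_crypto_mode: mode must be fips or std" >&2; return 2 ;;
    esac
    if [ ! -x "$CHOOSER" ]; then
        echo "set_crypto_mode: $CHOOSER not found or not executable" >&2
        return 3
    fi
    status=0
    output=$("$CHOOSER" "$mode" 2>&1) || status=$?
    case "$status" in
        0) echo "crypto library mode set to $mode"; return 0 ;;
        1) echo "chooser rejected mode '$mode': $output" >&2; return 4 ;;
        *) echo "chooser failed with status $status: $output" >&2; return 5 ;;
    esac
}

# require_fips: call from provisioning so that a host without the FIPS
# library stops the rollout instead of continuing on the standard library.
require_fips() {
    set_crypto_mode fips || return $?
    # With no arguments the chooser reports the library in use (per the page).
    # Its output format is not documented there, so it is only logged here.
    "$CHOOSER" || true
}
```

Calling require_fips before the server is started makes a missing FIPS library a hard provisioning error rather than a silent fallback to the standard library.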