Federal information processing standard (FIPS) cryptography provides cryptographic algorithms conforming
to various FIPS standards published by the National Institute of Standards and Technology (NIST), a non-
regulatory agency of the US Department of Commerce. FIPS mode is also validated for numerous platforms
to meet the FIPS-140-2 standard for a software-based cryptographic module.
This chapter describes how to enable FIPS cryptography requirements on Dell Networking platforms.
NOTE:
The Dell Networking OS uses an embedded FIPS 140-2-validated cryptography module
(Certificate #1747) running on NetBSD 5.1 per FIPS 140-2 Implementation Guidance section G.5
guidelines.
NOTE:
Only the following features use the embedded FIPS 140-2-validated cryptography module:
•
SSH Client
•
SSH Server
•
RSA Host Key Generation
•
SCP File Transfers
Currently, other features using cryptography do not use the embedded FIPS 140-2-validated
cryptography module.
Topics:
•
Configuration Tasks
•
Preparing the System
•
Enabling FIPS Mode
•
Generating Host-Keys
•
Monitoring FIPS Mode Status
•
Disabling FIPS Mode
Configuration Tasks
To enable FIPS cryptography, complete the following configuration tasks.
•
Preparing the System
•
Enabling FIPS Mode
•
Generating Host-Keys
•
Monitoring FIPS Mode Status
•
Disabling FIPS Mode
FIPS Cryptography
17
FIPS Cryptography
395