Triggering Self-Tests; Displaying And Maintaining Fips; Fips Configuration Examples; Entering Fips Mode Through Automatic Reboot - HP FlexNetwork 10500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 10500 Series:
- Configuration manual (512 pages) ,
- Specifications (42 pages) ,
- Datasheet (20 pages)
Table of Contents
Advertisement
•
Signature and authentication PWCT test—This test is run when a DSA/RSA asymmetrical
key pair is generated. It uses the private key to sign the specific data, and then uses the public
key to authenticate the signed data. If the authentication is successful, the test succeeds.
•
Continuous random number generator test—This test is run when a random number is
generated. Each subsequent generation of a random number will be compared with the
previously generated number. The test fails if any two compared numbers are the same. This
test can also be run when a DSA/RSA asymmetrical key pair is generated.
Triggering self-tests
To examine whether the cryptography modules operate correctly, you can trigger a self-test on the
cryptographic algorithms. The triggered self-test is the same as the power-up self-test. If the self-test
fails, the card where the self-test process exists reboots.
To trigger a self-test:
Step
1.
Enter system view.
2.
Trigger a self-test.
Displaying and maintaining FIPS
Execute display commands in any view.
Task
Display the FIPS mode state.
FIPS configuration examples
Entering FIPS mode through automatic reboot
Network requirements
Use the automatic reboot method to enter FIPS mode, and use a console port to log in to the device
in FIPS mode.
Configuration procedure
# If you want to save the current configuration, execute the save command before you enable FIPS
mode.
# Enable FIPS mode and choose the automatic reboot method to enter FIPS mode. Set the
username to root and the password to 12345zxcvb!@#$%ZXCVB.
<Sysname> system-view
[Sysname] fips mode enable
FIPS mode change requires a device reboot. Continue? [Y/N]:y
Reboot the device automatically? [Y/N]:y
The system will create a new startup configuration file for FIPS mode. After you set the
login username and password for FIPS mode, the device will reboot automatically.
Enter username(1-55 characters):root
Command
system-view
fips self-test
Command
display fips status
463
Advertisement
Table of Contents
Troubleshooting
