Secure Shell as a FIPS 140 Consumer - Using a FIPS 140 Enabled System in Oracle® Solaris 11.2

Using a FIPS 140 Enabled System in Oracle^® Solaris 11.2

Exit Print View

» ...Documentation Home » Oracle Solaris 11.2 Information Library » Using a FIPS 140 Enabled System in ... » Enabling FIPS 140 Consumers on an Oracle ... » Secure Shell as a FIPS 140 Consumer

Updated: August 2014

Using a FIPS 140 Enabled System in Oracle^® Solaris 11.2

Document Information

Introduction to FIPS 140-2 Level 1 Cryptography in Oracle Solaris

Enabling FIPS 140 Providers on an Oracle Solaris System

Enabling FIPS 140 Consumers on an Oracle Solaris System

Apache Web Server as a FIPS 140 Consumer

Secure Shell as a FIPS 140 Consumer

IPsec and IKEv2 as FIPS 140 Consumers

Kerberos as a FIPS 140 Consumer

Key Management Framework as a FIPS 140 Consumer

passwd Command as a FIPS 140 Consumer

encrypt, decrypt, digest, and mac Commands as FIPS 140 Consumers

Example of Enabling Two Applications in FIPS 140 Mode on an Oracle Solaris System

FIPS 140 Algorithm Lists and Certificate References for Oracle Solaris Systems

Language:

Secure Shell as a FIPS 140 Consumer

Secure Shell (SSH) provides remote system access to Oracle Solaris systems at the initial installation. SSH is a consumer of the OpenSSL FIPS 140 module. As the administrator, you must explicitly enable SSH to run in FIPS 140 mode. For instructions, see Secure Shell and FIPS 140 in Managing Secure Shell Access in Oracle Solaris 11.2 . The instructions include the list of validated FIPS 140 algorithms.

Because SSH runs on the OpenSSL FIPS 140 module, if you try to use an algorithm that is not validated for the OpenSSL FIPS 140 provider, SSH will fail with an error. To configure SSH in FIPS 140 mode, see Example of Enabling Two Applications in FIPS 140 Mode on an Oracle Solaris System.

See also:

sshd(1M) and ssh(1) man pages
sshd_config(4) and ssh_config(4) man pages
ssh-keygen(1) man page

Copyright © 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices