Enabling FIPS Mode for SSH Connections

Enabling FIPS Mode for SSH (SFTP) Connections

Refer to FIPS-Certified Libraries for detailed information about FIPS before enabling FIPS mode.

FIPS mode is a feature of the High Security (HS) module. The mechanisms and interfaces for enabling, disabling, and using FIPS cryptographic mode is available during the HS module evaluation period.

You can enable FIPS mode for:

inbound SFTP (SSH2)
inbound HTTPs/FTPs (SSL)
outbound HTTPs/FTPs (SSL) through Event Rules (except when using AWE).

FIPS mode does not apply to:

outbound client SFTP (SSH2) through Event Rules
AWE-based HTTPs/FTPs (SSL)
AWE-based SFTP (SSH2)
AS2 inbound nor outbound transactions

To enable FIPS mode for SSH connections

In the Administrator, connect to EFT Server and click the Server tab.
In the left pane, click the Server node on which you want to enable FIPS mode.
In the right pane, click the Security tab.
In the Federal Information ProcessingStandards (FIPS) area, select the Use FIPS certified library for SSH connections check box.
Click Apply to save the changes on EFT Server.
Stop and then restart the EFT Server service. On EFT Server's General tab, review the Statistics area to verify that the service started.

If the HS module has expired when you attempt to start a Site on a Server that has FIPS mode enabled, an error message appears in the Administrator, and the Server sends an error message to the Event Log.

Refer to SFTP for details of configuring and enabling SFTP (SSH2) on a Site.

Did this topic solve your problem/answer your question?

- For the most up-to-date information regarding EFT Server and its modules;

- To view version history, updates, and activation instructions;

- To download a PDF of this user guide;

- And to search the Knowledge Base and User Forum,

Visit the GlobalSCAPE Support Center, http://www.globalscape.com/support .

Refer to Copyright Information for copyright information.

Last modified: October 14, 2009