Enabling FIPS for SSH (SFTP) Connections
(Requires the Advanced Security in EFT Enterprise, and Express Security module and SFTP module in EFT SMB/Express)
After you enable or disable FIPS mode, you must restart the EFT server service.
To enable FIPS for SSH connections
-
In the administration interface, connect to EFT and click the Server tab.
-
On the Server tab, click the Server node on which you want to enable FIPS mode.
-
In the right pane, click the Security tab.
-
In the Federal Information Processing Standards (FIPS) area, select the Use FIPS certified library for SSH connections check box.
-
Click Apply to save the changes on EFT.
-
On EFT's General tab, review the Statistics area to verify that the service started.
When the EFT Site is started, if FIPS is enabled, a message displays the protocols in use and which of the protocols in use are FIPS certified. When you enable FIPS, the ciphers, key, and hash lengths/types that are not FIPS-approved are not available. If a FIPS-approved state cannot be achieved when FIPS is enabled, all Sites will stop, and an error is written to the Windows Event Log.