On 10/22/2015 09:12 PM, Ning Liu (niliu2) wrote:
(1) Is that true for OpenSSL ?
http://stackoverflow.com/questions/18616573/how-to-check-fips-140-2-support-in-openssl
But, having said that, you should note that FIPS is a certification that
applies to specific products. You can enable "FIPS mode" but no CentOS
systems are FIPS certified. If you require certification, you must use
a Red Hat product.
(2) How about OpenSSH, since we are using SSH for administration, but there is not too much document mentioning OpenSSH Vs. FIPS.
Look at the document you linked to, again. It describes specifics with
regard to OpenSSH. Verify that sshd is configured according to the
documentation, and follow the advice when generating host and user keys.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
