Secure Shell
Open SSH and FIPS 140-2 Nov 10 2010 04:32PM
Hrolenok, Paul (phrolenok intelligent net) (1 replies)
Re: Open SSH and FIPS 140-2 Nov 10 2010 04:49PM
AMuse (amuse foofus com) (1 replies)

Paul: When you compile OpenSSH against OpenSSL in FIPS mode, your
OpenSSH will inherit the FIPS 140-2 certification which applies to OpenSSL.

More info here: http://www.openssl.org/docs/fips/UserGuide-1.2.pdf

On 11/10/10 8:32 AM, Hrolenok, Paul wrote:
> I have an application where I have to implement SFTP file transfers with FIPS 140-2 certified encryption.
> I've been trying to find out if I can use Open SSH for this or if I have to buy a commercial solution.
> Essentially I have two questions.
>
> 1) Can I compile Open SSH from source using the Open SSL Fips sources and "inherit" the Fips certification?
> 2) Has anybody compiled Open SSH using the Fips Open SSL sources and can they give me any pointers on how to do that?
>
> Any data on the difficulty or time involved would be appreciated since I have to justify the final decision to
> my $BOSS. I would be doing this on a Sun SPARC system running Solaris 10. I have access to both gcc and the
> Sun Workshop compilers and would appreciate any insight on either or both.
>
> TIA
> Paul
>
> Paul S. Hrolenok
> Senior Consultant
> ID Services Group
> http://www.intelligent.net
> Recognized on Washingtonian Magazine's 50 Great Places to Work list - 2009

[ reply ]
Re: Open SSH and FIPS 140-2 Nov 10 2010 11:12PM
IBug_1 (ibug_1 comcast net)


 

Privacy Statement
Copyright 2010, SecurityFocus