Enabling FIPS mode

FIPS mode will restrict algorithm usage to just those algorithms included in the FIPS specifications. This results in 

  • Key exchange algorithms restricted to those that use primes >= 2048 bits.
  • Use of AES and 3DES ciphers only
  • Use of RSA keys only
  • Use of SHA1 and SHA256 macs only

 

To instruct the client to use FIPS mode call the enableFIPSMode method before creating your clients.

SshConnector con = SshConnector.createInstance();
con.enableFIPSMode();
Have more questions? Submit a request

1 Comments

  • 0
    Avatar
    Vasireddy, Venugopal

    Can this be done, if we use pure JDK8 with JCE unlimited strength Policy files.

     

    1) Oracle JDK on Linux/Solaris

    2) IBM JDK on AIZ

     

Please sign in to leave a comment.