Dell Brocade G620 Brocade 8.0.1 Fabric OS Command Reference - Page 355
SSH DSA Keys check passed, NEWLY Added message
View all Dell Brocade G620 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 355 highlights
fipsCfg To verify FIPS prerequisites: switch:admin> fipscfg --verify fips Standby firmware supports FIPS - PASS SELF tests check has passed - PASS Root account is enabled - FAIL Radius check has passed - PASS Authentication check has passed - PASS Inflight Encryption check has passed - PASS IPSec check has passed - PASS Telnet port number for the policy is in permit state. HTTP port number for the policy is in permit state. RPC port number for the policy is in permit state. IPv4 policies not FIPS compliant - FAIL NEWLY Added message Telnet port number for the policy is in permit state. HTTP port number for the policy is in permit state. RPC port number for the policy is in permit state. IPv6 policies not FIPS compliant - FAIL SNMP is not in read only mode - FAIL Bootprom access is enabled - FAIL Firmwaredownload signature verification is disabled - FAIL Secure config upload/download is disabled - FAIL SSH DSA Keys check passed - PASS Inband Management interface is disabled - PASS Ipsecconfig is disabled. - PASS Signature Algorithm used in LDAP CA certificate is not Sha256 Signature Algorithm used in Switch CA certificate is not Sha256 Signature Algorithm used in HTTPS certificate is not Sha256 Signature Algorithm used in FCAP certificate is not Sha256 Signature Algorithm used in FCAP CA certificate is not Sha256 Certificates are not FIPS compliant - FAIL Certificates validation has passed - PASS SSH client's ShaValue is not configured as 2 - FAIL SSH client's MinPrime is not configured as 2048 - FAIL SSH client's KexAlgorithms is not configured as diffie-hellman-group-exchange-sha256 - FAIL SSH client's ServerHostKeySize is not configured as 2048 - FAIL SSH server's ShaValue is not configured as 2 - FAIL SSH config is not FIPS compliant - FAIL To enable FIPS after prerequisites have been met: switch:admin> fipscfg --enable fips You are enabling FIPS. Do you want to continue? (yes, y, no, n) [no] : yes FIPS mode has been set to : Enabled Please reboot the system switch:admin> fipscfg --show FIPS mode is : Enabled To attempt enabling FIPS when prerequisites are not met: switch:admin> fipscfg --enable fips SelfTests mode is not enabled. Root account is enabled. Authentication uses MD5 hash algorithm. Authentication uses DH group 0. Brocade Fabric OS Command Reference 331 53-1004112-02