184
Keywords for the preferred key exchange algorithm prefer-kex:
The dh-group-exchange keyword was changed to dh-group-exchange-sha1.
The dh-group1 keyword was changed to dh-group1-sha1.
The dh-group14 keyword was changed to dh-group14-sha1.
Keywords for the preferred server-to-client encryption algorithm prefer-stoc-cipher:
The 3des keyword was changed to 3des-cbc.
The aes128 keyword was changed to aes128-cbc.
The aes256 keyword was changed to aes256-cbc.
The des keyword was changed to des-cbc.
The default settings for the following algorithms were changed:
For the preferred client-to-server encryption algorithm prefer-ctos-cipher:
Before modification: The default is aes128.
After modification: The default is aes128-ctr.
For the preferred client-to-server HMAC algorithm prefer-ctos-hmac:
Before modification: The default is sha1.
After modification: The default is sha2-256.
For the preferred key exchange algorithm prefer-kex:
Before modification: The default is dh-group-exchange in non-FIPS mode and is
dh-group14 in FIPS mode.
After modification: The default is ecdh-sha2-nistp256 in both non-FIPS mode and FIPS
mode.
For the preferred server-to-client encryption algorithm prefer-stoc-cipher:
Before modification: The default is aes128.
After modification: The default is aes128-ctr.
For the preferred server-to-client HMAC algorithm prefer-stoc-hmac:
Before modification: The default is sha1.
After modification: The default is sha2-256.
New command: fips kdf ssh
Use fips kdf ssh to generate a validation file in SSH Key Derivation Function (KDF) test.
Syntax
fips kdf ssh import single-request-file export validation-file
Views
Probe view
To Next Page
Loading...
