7.1.13.3. Cryptographic Protection¶

In the default FIPS mode, the SSH daemon limits the key exchange algorithms to:

ecdh-sha2-nistp521
ecdh-sha2-nistp384
ecdh-sha2-nistp256
diffie-hellman-group-exchange-sha256

In the default FIPS mode, the SSH daemon limits the message authentication code (MAC) algorithms to:

hmac-sha2-256
hmac-sha1’

In the default FIPS mode, the SSH client limits the key exchange algorithms to:

In the default FIPS mode, the SSH client limits the MAC algorithms to:

hmac-sha2-256
hmac-sha1’

References: SC-13 : CRYPTOGRAPHIC PROTECTION

Read the Docs v: 6.2.0-0

Versions: latest; stable; 6.2.0-0; 6.1.0-0; 6.1.0-rc1; 6.0.0-0; 6.0.0-beta; 5.2.1-0; 5.2.0-0; 5.1.0-3; 5.1.0-2; 5.1.0-1; 5.1.0-0; 4.3.1-0; 4.3.0-0; 4.2.0-2; 4.2.0-1; 4.2.0-0; master

Downloads

On Read the Docs: Project Home; Builds

Free document hosting provided by Read the Docs.