Hello all, I am writing some security documentation for work. A question came up about whether or not the Linux security packages used for authentication (krb5) and key management (RSA/DSA for SSH) were FIPS compliant.
I don't really know. I know that Kerberos v5 is FIPS compliant and I know that SSH v2 is FIPS compliant. However, are the Linux packages FIPS compliant? Any ideas how I would verify if they are or not? Would they be compliant because the underlying algorithm is compliant? Thanks for any insight. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
