Check: GEN005490
VMware ESX 3 Server:
GEN005490
(in version v1 r2)
Title
The SSH daemon must use a FIPS 140-2 validated cryptographic module (operating in FIPS mode). (Cat II impact)
Discussion
Cryptographic modules used by the system must be validated by the NIST CVMP as compliant with FIPS 140-2. Cryptography performed by modules not validated is viewed by NIST as providing no protection for the data.
Check Content
Determine if the SSH daemon uses a FIPS 140-2 validated cryptographic module (operating in FIPS mode). If it does not, this is a finding.
Fix Text
Configure the SSH daemon to use a FIPS 140-2 validated cryptographic module (operating in FIPS mode).
Additional Identifiers
Rule ID: SV-28762r1_rule
Vulnerability ID: V-23826
Group Title: GEN005490
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-001145 |
The organization employs, at a minimum, FIPS-validated cryptography to protect unclassified information. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |