Please enable JavaScript to view this site.

SSH Configuration for RDM's FIPS140-2 Compliance

Description

In order for Remote Desktop Manager SSH client to be compliant with the FIPS 140-2 Annex A you need to apply specific configurations change in Remote Desktop Manager options.

ShieldNotice48x48

In order to be compliant, you need to ensure that non-compliant algorithms are disabled. For this, you need to validate that the boxes that are NOT checked in the screenshots below are disabled in the client configuration.

ShieldCaution48x48

We do not recommend using these settings unless you’re in an environment that requires compliance with FIPS 140-2. Most users should stick to the default settings of Remote Desktop Manager and enable additional cipher suites only if required by their servers.

BadgeHelp48x48

These values originates from the FIPS140.2 annex A standard and Microsoft’s documentation.

Settings

1.In Remote Desktop Manager go to File - Options - Types - Terminal - Algorithm Support.

2.In the Cipher tab, uncheck:

Chacha20 Poly1305 (openssh.com)

Aes256 Gcm (openssh.com)

Aes192 Gmc (openssh.com)

Rijndael Cbc (lysator.liu.se)

KB4861

3.In the Host key tab, uncheck:

Ssh Ed25519

X509v3 Sign Rsa

X509v3 Sign Rsa Sha256 (ssh.com)

Ssh Dss

KB4862

4.In the Kex tab, uncheck:

Curve25519 Sha256

Curve25519 Sha256 (libssh.org)

Diffie Hellman Group16 Sha512

Diffie Hellman Group18 Sha512

Diffie Hellman Group14 Sha256

Diffie Hellman Group1 Sha1

KB4863

5.In the MAC tab, uncheck:

Hmac Sha 1 96

Hmac Md5 96

Hmac Md5

KB4864

6.Click OK.