FIPS commands
fips mode enable
Use fips mode enable to enable FIPS mode.
Use undo fips mode enable to disable FIPS mode.
Syntax
fips mode enable
undo fips mode enable
Default
The FIPS mode is disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
After you enable FIPS mode and reboot the device, the system has strict security requirements, and
performs self-test on cryptography modules to make sure that they work properly.
After you execute the fips mode enable command, the system provides two methods to enter FIPS mode:
• Automatic reboot
The system automatically creates a FIPS default configuration file named fips-startup.cfg, and
specifies this file as the next startup configuration file. Configure the username and password to
log in to the rebooted device. You can press Ctrl+C to exit the configuring process. Then, the fips
mode enable command that is already entered is not executed.
The system automatically uses the specified startup configuration file to reboot after you configure
the crypto officer's username and password. HP recommends that you choose this method to log
in to the device in FIPS mode through a Console port.
• Manual reboot
This method requires manually reboot of a device after all required configurations are complete for
entering the FIPS mode.
To use manual reboot to enter the FIPS mode, follow these steps:
a. Enable the password control function globally.
b. Set the number of character types in a password for password control to 4 and configure at
least one character for each type.
309
To Next Page
Loading...
Need help?
General
