This command enables you to toggle between the default OpenSSL library (FIPS compatible) and FIPS capable library.
|on||Enables FIPS mode.|
|off||Disable FIPS mode.|
After enabling/disabling FIPS, EPM will be notified to change the bit dedicated to FIPS Mode. As per requirement, currently SSH and SNMP will use this bit to toggle between normal and FIPS mode.
# sh security fips-mode FIPS Mode (current) : Off FIPS Mode (configured) : Off # configure security fips-mode on FIPS mode will be enabled only after rebooting the switch. SNMPv3 users configured with either md5 authentication or DES encryption will be discarded after reboot. SSH existing configuration of ciphers/MACs will be lost after reboot. Python scripting configuration is ignored when FIPS mode is 'on'. # show security fips-mode FIPS Mode (current) : On FIPS Mode (configured) : On
This command was first available in ExtremeXOS 21.1.
Current and configured information added in ExtremeXOS 32.2.
This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.