U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #1385


Module Name
Red Hat Enterprise Linux 5 OpenSSH Client Cryptographic Module
FIPS 140-2
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
Overall Level
When operated in FIPS mode. This module contains the embedded module Red Hat Enterprise Linux 5 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1320 operating in FIPS mode. When obtained, installed, and initialized as assumed by the Crypto Officer role and specified in Section 9.1 of the provided Security Policy. Section 1 of the provided Security Policy specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the RPM file if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module.)
Module Type
Multi-chip standalone
The OpenSSH Client cryptographic module provides the client-side component for an SSH protocol version 2 protected communication channel. OpenSSH is the standard SSH implementation and shipped with RHEL 5.4 or RHEL 5.8. Its cryptographic mechanisms use the OpenSSL library in FIPS 140-2 mode.
Tested Configuration(s)
  • Red Hat Enterprise Linux 5.4 and Red Hat Enterprise Linux 5.8 (single-user mode)
FIPS Algorithms
AES Certs. #1160, #1161 and #1162
DSA Certs. #378, #379 and #380
HMAC Certs. #661, #662 and #663
RNG Certs. #642, #643 and #644
RSA Certs. #549, #550 and #552
Triple-DES Certs. #839, #840 and #841
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 192 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
Software Versions


Red Hat®, Inc.
314 Littleton Road
Westford, MA 01886

Irina Boverman
Phone: 978-392-1000
Fax: 978-392-1001

Phone: 919-754-3700
Fax: 919-754-3701


NVLAP Code: 200658-0