Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program CMVP

Certificate #3473

Details

Module Name
Nutanix Cryptographic Module for OpenSSH Server
Standard
FIPS 140-2
Status
Active
Sunset Date
6/11/2024
Validation Dates
06/12/2019;07/13/2020
Overall Level
1
Caveat
When operated in FIPS mode with Nutanix Cryptographic Module for OpenSSL validated to FIPS 140-2 under Cert. #3460 operating in FIPS mode
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Nutanix Cryptographic Module for OpenSSH Server provides server-side support for SSH version 2. This cryptographic module functions together with the Nutanix Cryptographic Module for OpenSSL to provide FIPS validated cryptography for SSH connections.
Tested Configuration(s)
  • CentOS 7.4 running on Nutanix NX-3360-G6 with Intel E5 2620 without PAA
  • CentOS 7.4 running on Nutanix NX-3360-G6 with Intel E5 2620 with PAA
  • CentOS 7.5 running on Nutanix NX-3360-G6 with Intel Xeon Silver-4116 with PAA
  • CentOS 7.5 running on Nutanix NX-3360-G6 with Intel Xeon Silver-4116 without PAA (single-user mode)
FIPS Algorithms
AES Certs. #5562 and #C661
CVL Certs. #1994 and #1998
DRBG Cert. #2216
ECDSA Cert. #1499
HMAC Cert. #3708
SHS Cert. #4465
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1994 with CVL Cert. #1998, key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1994 with CVL Cert. #1998, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG
Software Versions
OpenSSH server RPM package 7.4p1-16.el7 and fipscheck RPM package 1.4.1-6.el7

Vendor

Nutanix, Inc.
1740 Technology Drive, Suite 150
San Jose, CA 95110
USA

Matt Keller
fips@nutanix.com
Ashutosh Pangasa
fips@nutanix.com

Lab

UL VERIFICATION SERVICES INC
NVLAP Code: 100432-0