Page 1 of 1

FIPS 140-2

Posted: Mon Nov 22, 2010 7:26 pm
by jbriscoe
Do you have some documentation as to what FIPS 140-2 Mode does when you enable it? We need to disallow use of ciphers using less than 112 bit key lengths. Will enabling this option do that, or can you tell me how I can configure the server to not accept these?

Thank you...

Re: FIPS 140-2

Posted: Tue Nov 23, 2010 4:59 am
by FTP
Here is the explanation for FIPS 140-2 in Wikipedia: http://en.wikipedia.org/wiki/FIPS_140-2

How to enable it? See here: http://www.wftpserver.com/help/ftpserve ... aneous.htm, you just need to enable "FIPS 140-2 Mode", and after enabling it, all the SSL certificates need to be generated again.

Only have an option "Disable SSLv2", I think it will be secure enough, because modern FTP client software will support secure ciphers, so you don't need to worry about this.

Re: FIPS 140-2

Posted: Tue Jul 17, 2018 8:00 am
by shankar
Hello,

Can you please share the process, how to enable FIPS 140-2 mode from command line in Linux servers, without username & password. I have super user privileges on server.

Re: FIPS 140-2

Posted: Wed Jul 18, 2018 4:20 am
by FTP
OK, so you can edit the file "Data/settings.xml" manually, just change the line 19 into:

<EnableFips>1</EnableFips>

And then restart the WingFTP service.

Re: FIPS 140-2

Posted: Tue Mar 02, 2021 3:49 pm
by chazjn
Does anyone know exactly which ciphers/protocols are enabled/disabled after ticking the FIPS 140-2 box?
Thanks