On 2022-06-15 18:08, Dan Ritter wrote:
Tapas Das wrote:
Dan,
On Redhat Linux, to enable FIPS, FIPS package is available
https://access.redhat.com/discussions/3293631 ==> Explains how
to validate if FIPS is enabled on Redhat Linux
I am looking for something like that, whereby I can install a package
and enable FIPS on Debian.
No, if this is important to you, your deployment system should
ensure that the boot system passes fips=1 to the kernel.
I'm not sure why you would need a package for that; it's a
configuration item that only makes sense if you set it at boot
time.
There may be user space components too. I don't know if Debian still
ships with openssl or another SSL library now but openssl specifically
can be compiled in some FIPS compatibility mode.
Bijan
