HP Onboard Administrator User Manual
Page 24
Introduction 24
OA 3.60
Encryption
Normal
OA 3.60
Encryption
Strong
OA 3.70
FIPS
Mode
OFF
OA 3.70
FIPS Mode
ON
OA 4.11
OA 4.20
FIPS Mode
ON
OA 4.11
OA 4.20
FIPS Mode
OFF
Permitted Certificate
Signature Hash
Algorithms
md5, sha1,
sha224,
sha256,
sha384,
sha512
md5, sha1,
sha224,
sha256,
sha384,
sha512
md5,
sha1,
sha224,
sha256,
sha384,
sha512
sha1,
sha224,
sha256,
sha384,
sha512
sha1,
sha224,
sha256,
sha384,
sha512
sha1,
sha224,
sha256,
sha384,
sha512
DES
NO
NO
NO
NO
NO
NO
CAST5
NO
NO
NO
NO
NO
NO
Blowfish
NO
NO
NO
NO
NO
NO
ARC4
YES
YES
NO
NO
NO
NO
3DES
YES
YES
YES
YES
YES
YES
AES
YES
YES
YES
YES
YES
YES
256 bits
DHE-RSA-AES256-SHA
YES
YES
YES
YES
YES
YES
256 bits AES256-SHA
YES
YES
YES
YES
YES
YES
128 bits
DHE-RSA-AES128-SHA
YES
YES
YES
YES
YES
YES
128 bits AES128-SHA
YES
YES
YES
YES
YES
YES
168 bits
EDH-RSA-DES-CBC3-SHA
YES
YES
YES
YES
YES
YES
168 bits DES-CBC3-SHA YES
YES
YES
YES
YES
YES
SSH Interface
Default SSH key type and
size
DSA 2048
DSA 2048
DSA 2048 DSA 1024 RSA 2048 RSA 2048
HMAC-MD5
YES
NO
NO
NO
NO
NO
HMAC-SHA1-96
YES
NO
NO
NO
NO
NO
HMAC-SHA1
YES
YES
YES
YES
YES
YES
HMAC-SHA256
NO
NO
NO
NO
YES
YES
HMAC-SHA512
NO
NO
NO
NO
YES
YES
Insight Display KVM
RC4 Encryption
YES
YES
YES
NO
NO
YES
AES Support for LCD KVM NO
NO
YES
YES
YES
YES
1
Telnet is disabled by default in Onboard Administrator 3.70 and later. When in FIPS Mode, Telnet cannot be enabled.
2
Default certificate hash algorithm changed from SHA1 to SHA256 in Onboard Administrator 3.70. You can select
different key sizes and hash algorithms with the GENERATE KEYS command.
SSH ciphers
The supported SSH ciphers are the same for FIPS Mode ON and FIPS Mode OFF, and for Onboard
Administrator 3.71, 4.01, 4.11, and 4.20:
•
aes128-ctr
•
aes192-ctr
•
aes256-ctr