HP BladeSystem Onboard Administrator User Guide
Introduction 24
OA 3.60
Encryption
Normal
OA 3.60
Encryption
Strong
OA 3.70
FIPS
Mode
OFF
OA 3.70
FIPS Mode
ON
OA 4.11
OA 4.20
FIPS Mode
ON
OA 4.11
OA 4.20
FIPS Mode
OFF
Permitted Certificate
Signature Hash
Algorithms
md5, sha1,
sha224,
sha256,
sha384,
sha512
md5, sha1,
sha224,
sha256,
sha384,
sha512
md5,
sha1,
sha224,
sha256,
sha384,
sha512
sha1,
sha224,
sha256,
sha384,
sha512
sha1,
sha224,
sha256,
sha384,
sha512
sha1,
sha224,
sha256,
sha384,
sha512
DES
NO NO NO NO NO NO
CAST5
NO NO NO NO NO NO
Blowfish
NO NO NO NO NO NO
ARC4
YES YES NO NO NO NO
3DES
YES YES YES YES YES YES
AES
YES YES YES YES YES YES
256 bits
DHE-RSA-AES256-SHA
YES YES YES YES YES YES
256 bits AES256-SHA
YES YES YES YES YES YES
128 bits
DHE-RSA-AES128-SHA
YES YES YES YES YES YES
128 bits AES128-SHA
YES YES YES YES YES YES
168 bits
EDH-RSA-DES-CBC3-SHA
YES YES YES YES YES YES
168 bits DES-CBC3-SHA
YES YES YES YES YES YES
SSH Interface
Default SSH key type and
size
DSA 2048 DSA 2048 DSA 2048 DSA 1024 RSA 2048 RSA 2048
HMAC-MD5
YES NO NO NO NO NO
HMAC-SHA1-96
YES NO NO NO NO NO
HMAC-SHA1
YES YES YES YES YES YES
HMAC-SHA256
NO NO NO NO YES YES
HMAC-SHA512
NO NO NO NO YES YES
Insight Display KVM
RC4 Encryption
YES YES YES NO NO YES
AES Support for LCD KVM
NO NO YES YES YES YES
1
Telnet is disabled by default in Onboard Administrator 3.70 and later. When in FIPS Mode, Telnet cannot be enabled.
2
Default certificate hash algorithm changed from SHA1 to SHA256 in Onboard Administrator 3.70. You can select
different key sizes and hash algorithms with the GENERATE KEYS command.
SSH ciphers
The supported SSH ciphers are the same for FIPS Mode ON and FIPS Mode OFF, and for Onboard
Administrator 3.71, 4.01, 4.11, and 4.20:
• aes128-ctr
• aes192-ctr
• aes256-ctr