FIPS for Ubuntu

FIPS for Ubuntu

These documentation pages provide technical information and clarifications about Ubuntu’s FIPS certification. For a high level summary see our main page on Ubuntu for FIPS.

Our approach in certifications

By default, Ubuntu comes with cryptographic packages based on the upstream sources and is not configured to adhere to any national standard. The Ubuntu Advantage (ua) tool makes it possible to set up the system to adhere to the FIPS standard, by a process that we describe as “enabling FIPS” —see this page for more details.

Although there is a global system “switch” for FIPS, the FIPS 140 certification covers specific binary packages. In Ubuntu we select a set of cryptographic packages from the main repository that form our cryptographic core set. This set of packages is tested and validated for the FIPS 140-2 requirements on each Ubuntu LTS release. The FIPS validated packages are installed during the FIPS enablement. The list of validated packages along with their certificates is at this page