You can enable FIPS (Federal Information Processing Standard) Compatible mode so that the client uses FIPS-compliant cryptographic algorithms when communicating with remote desktops.
Note: FIPS Compatible Mode means Horizon Client for Linux implements a cryptographic module that is designed for FIPS 140-2 compliance. This module was validated in operational environments listed in CMVP certificate #2839 and was ported to this platform. However, the CAVP and CMVP testing requirement to include the new operational environments in VMware's NIST CAVP and CMVP certificates remains to be completed on the product roadmap.
Important: If you enable FIPS Compatible mode in the client, the remote desktop must have FIPS Compatible mode enabled as well. Mixed mode, where only the client, or only the desktop, has FIPS Compatible mode enabled, is not supported.
To enable FIPS Compatible mode, make the following configuration changes:
- Edit /etc/vmware/config and add the following lines:
usb.enableFIPSMode = "TRUE"
mks.enableFIPSMode = “TRUE”
- Edit /etc/vmware/view-mandatory-config and add the following line:
View.fipsMode = ”TRUE”
- Edit /etc/teradici/pcoip_admin.conf and add the following line:
pcoip.enable_fips_mode = 1