Government Compliant

Pragma Systems' Fortress SSH Server and SSH Client are FIPS 140-2 (Federal Information Processing Standard) compliant with FIPS 140-3 copmliance coming soon. For FIPS compliance, we use Microsoft Base Crypto Primitives Library (NIST #4536 certificate), which has FIPS 140-2 Certification and will soon have FIPS 140-3.

Data security encryption compliance is mandatory for U.S. federal agencies, the U.S. Department of Defense, the Canadian government, financial institutions and many private sector agencies when it is determined that cryptography is necessary for protecting sensitive information.

Fortress SSH Server and Client are further boosted with even more robust encryption by adding Elliptic curve, Edwards curve and related key exchanges.

Elliptic curve host key:

  • ED25519
  • ECDSA (nistp521, nistp384, nistp256)

New Kex Exchanges:

  • curve25519-sha256
  • ecdh-sha2-nistp521
  • ecdh-sha2-nistp384
  • ecdh-sha2-nistp256

Existing supported Ciphers:

  • AES- GCM

Existing supported Key Exchanges:

  • diffie-hellman-group-exchange-sha256
  • diffie-hellman-group14-sha1
  • diffie-hellman-group14-sha256
  • diffie-hellman-group15-sha512
  • diffie-hellman-group16-sha512
  • diffie-hellman-group17-sha512
  • diffie-hellman-group18-sha512


  • sha2-256
  • sha2-384
  • sha2-512
  • sha-1


  • hmac-sha2-256
  • hmac-sha2-512
  • hmac-sha1

In order to further comply with government requirements, Pragma supports 2-factor RFC 6187 in Fortress SSH product line to work with Cisco routers and switches which are SSH RFC 6187 enabled. 2-factor RFC 6187 SSH is a key requirement for US DoD and Federal Government departments to avoid the hacking & unauthorized access going around from foreign countries and intruders. Pragma Fortress SSH clients and servers fully support RFC 6187 2-factor authentication, has been validated by Cisco to work in its secure environment (Cisco IOS 15.2 (2) and above supports RFC 6187).


Social Media