Specifications
Security Target Version 1.0 9/29/2014
evaluator shall check the operational guidance to ensure that it contains instructions for
configuring these values. The evaluator shall also perform the following tests:
Test 1: The evaluator shall demonstrate that taking longer than the timeout period to authenticate
to the TOE results in a disconnection of the current session and requires that the evaluator initiate
a new session to attempt to connect. If the timeout period is configurable, the evaluator shall
ensure that the operational guidance is followed to implement at least two different periods in
order to ensure that the mechanism works as specified.
Test 2: The evaluator shall demonstrate that performing a number of failed SSH authentication
attempts equal to the value specified in the requirement results in a disconnection of the current
session and requires that the evaluator initiate a new session to attempt to connect. If this number
is configurable, the evaluator shall ensure that the operational guidance is followed to implement
at least two different limits (e.g., 3 attempts and 5 attempts) in order to ensure that the mechanism
works as specified.
FCS_SSH_EXT.1.4
The TSF shall ensure that the SSH protocol implementation supports the following authentication
methods as described in RFC 4252: public key-based, password-based.
Assurance Activity:
The evaluator shall check to ensure that the TSS contains a description of the public key
algorithms that are acceptable for use for authentication, that this list conforms to
FCS_SSH_EXT.1.7, and ensure that password-based authentication methods are also allowed.
The evaluator shall also perform the following tests:
Test 1: The evaluator shall, for each public key algorithm supported, show that the TOE supports
the use of that public key algorithm to authenticate a user connection. Any configuration activities
required to support this test shall be performed according to instructions in the operational
guidance.
Test 2: Using the operational guidance, the evaluator shall configure the TOE to accept
password-based authentication, and demonstrate that a user can be successfully authenticated to
the TOE over SSH using a password as an authenticator.
FCS_SSH_EXT.1.5
The TSF shall ensure that, as described in RFC 4253, packets greater than [32,768] bytes in an
SSH transport connection are dropped.
Assurance Activity:
The evaluator shall check that the TSS describes how 'large packets' in terms of RFC 4253 are
detected and handled. The evaluator shall also perform the following test:
Test 1: The evaluator shall demonstrate that if the TOE receives a packet larger than that specified
in this component, that packet is dropped.
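An added example (not part of the Security Target or the TOE's code) of how a receiver can detect a 'large packet' for FCS_SSH_EXT.1.5 from the RFC 4253 length field alone, before buffering any payload. It assumes unencrypted framing with no MAC, as before key exchange completes, and treats the packet size as the 4-byte length field plus packet_length; the function names are hypothetical.

```python
import struct

MAX_PACKET = 32768  # limit stated in FCS_SSH_EXT.1.5
MIN_PACKET = 16     # minimum packet size, RFC 4253 section 6
BLOCK = 8           # alignment for unencrypted packets, RFC 4253 section 6


def build_packet(payload: bytes) -> bytes:
    """Frame a payload as an unencrypted RFC 4253 binary packet (test helper).

    Real implementations use random padding; zeros keep this sample constructed
    and deterministic.
    """
    pad = BLOCK - ((5 + len(payload)) % BLOCK)
    if pad < 4:              # RFC 4253 requires at least 4 bytes of padding
        pad += BLOCK
    packet_length = 1 + len(payload) + pad
    return struct.pack(">IB", packet_length, pad) + payload + b"\x00" * pad


def check_packet(buf: bytes, limit: int = MAX_PACKET):
    """Return (verdict, payload) for the first packet in buf.

    Verdicts: "accept", "drop-oversize", "drop-malformed", "need-more".
    """
    if len(buf) < 5:
        return "need-more", None
    packet_length, pad = struct.unpack(">IB", buf[:5])
    total = 4 + packet_length  # assumption: size counted as length field + body
    # Decide on the declared length first, so an oversized packet is rejected
    # without allocating or reading its body.
    if total > limit:
        return "drop-oversize", None
    if total < MIN_PACKET or total % BLOCK or pad < 4 or pad > packet_length - 1:
        return "drop-malformed", None
    if len(buf) < total:
        return "need-more", None
    return "accept", buf[5:total - pad]


if __name__ == "__main__":
    sample = build_packet(b"\x14" + b"A" * 100)         # constructed payload
    print(check_packet(sample)[0])                       # normal packet
    print(check_packet(struct.pack(">IB", 40000, 4))[0])  # header only, too large
```

For the evaluator's Test 1, the same boundary applies: a packet of exactly 32,768 bytes is accepted and the next valid size up is dropped.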
FCS_SSH_EXT.1.6
The TSF shall ensure that the SSH transport implementation uses the following encryption
algorithms: AES-CBC-128, AES-CBC-256, [no other encryption algorithms].
Assurance Activity:
The evaluator shall check the description of the implementation of this protocol in the TSS to
ensure that optional characteristics are specified, and the encryption algorithms supported are
specified as well. The evaluator shall check the TSS to ensure that the encryption algorithms
specified are identical to those listed for this component. The evaluator shall also check the
operational guidance to ensure that it contains instructions on configuring the TOE so that SSH
conforms to the description in the TSS (for instance, the set of algorithms advertised by the TOE