I would like to submit a feature enhancement request regarding the NetApp ONTAP PowerShell Toolkit.
In our environment, Windows FIPS mode is enabled (“System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing”). Under this configuration, the Invoke-NcSSH cmdlet fails because the underlying SSH implementation does not use FIPS-validated cryptographic providers.
As a result, we are unable to use Invoke-NcSSH in our production automation workflows, even though SSH access itself is permitted. This creates a limitation for customers operating in security-hardened or compliance-regulated environments (e.g., FIPS 140-2/140-3).
We would like to request that NetApp consider implementing a FIPS-compliant SSH option in the ONTAP PowerShell Toolkit. Possible approaches could include:
Leveraging Windows’ built-in OpenSSH client or system crypto providers
Using a FIPS-validated cryptographic library
Providing an alternative secure transport mechanism that meets FIPS requirements
FIPS compliance is increasingly required in enterprise and government environments, and having native support within the PowerShell Toolkit would greatly improve its usability in secure deployments.
Please let us know if this enhancement request can be logged formally (PER) and whether there are any current or planned roadmap items addressing FIPS compliance for SSH functionality in the toolkit.
Thank you for your time and consideration.
