USB entropy token support
Use of a USB entropy token during the boot process is now enabled by default when using a FortiGate in Federal Information Processing Standards-Common Criteria (FIPS-CC) mode. If a FortiGate unit in this mode does not have an USB entropy token inserted, it is unable to complete the boot process will display the following message: Please insert entropy token to continue boot process.
Entropy token use can be disabled from the CLI. It can also be enabled on a FortiGate unit in normal mode (by default, entropy tokens are disabled in normal mode).
Syntax
config system fips
set entropy-token {enable | disable}
end
| The entropy token must be present during boot process when a FortiGate unit is switched to FIPS-CC mode. |