Updated v4.2

Enabling FIPS mode

If you're running LiquidFiles v4.2 and have an Ubuntu Pro license an attached to your LiquidFiles system (Admin → System → Pro), you can enable Ubuntu Pro FIPS mode. LiquidFiles v4.2 is using Ubuntu 22.04LTS and enabling FIPS mode will install packages that has been certified against FIPS 140-3.

Considerations

One-way operation

First consideration is that enabling this is a one-way operation. It's not possible to disabling FIPS mode so if you wish to not use it anymore, you will need to install a new LiquidFiles system and migrate to this system that doesn't have FIPS mode enabled.

ClamAV

The second consideration is that for full LiquidFiles functionality, it is required to run ClamAV v1.5 beta. ClamAV before v1.5 beta uses MD5 to validate that antivirus signatures have been downloaded successfully and when FIPS mode has been enabled, anything that uses MD5 will simply not be executed so AV signature validation will fail.

If you don't wish to use a beta version of ClamAV, your only other option is to disable AV scanning in Admin → Configuraition → Settings. You can possibly install another (FIPS compatible) AV engine. If you do, it needs to have a command line interface that can scan files ad-hoc from a script, and you can use ActionScripts to integrate another AV scanner with LiquidFiles. Please note that Microsoft Defender doesn't work because it doesn't have a command line interface that can scan files from a script.

Can I enable FIPS on earlier versions of LiquidFiles?

No, there was auxilliary libraries in LiquidFiles v4.1 and earlier that used MD5 for non-security related functions (a faux randomizer for instance) and enabling FIPS mode on an earlier system will break the system to the point that you will need to reinstall it. These libraries have been replaced or updated in LiquidFiles v4.2 to make it fully FIPS compliant.