[Bug 3603] ssh clients can't communicate with server with default cipher when fips is enabled at server end

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Aug 17 20:35:39 AEST 2023


https://bugzilla.mindrot.org/show_bug.cgi?id=3603

--- Comment #5 from Darren Tucker <dtucker at dtucker.net> ---
(In reply to Shreenidhi Shedi from comment #4)
> Can you please point out what we are missing? here is our spec file.
> 
> https://github.com/vmware/photon/blob/5.0/SPECS/openssh/openssh.spec
> 
> Thanks a lot for your quick response and inputs. Like I mentioned
> earlier, we are not modifying things much; do we need to enable any
> config during configure stage?

In comment#1 you said:
"We did something like in PhotonOS 3.0:
https://github.com/vmware/photon/blob/3.0/SPECS/openssh/openssh-7.8p1-fips.patch"

but now you're pointing to a repo whos SPEC file doesn't contain
anything like that patch.  It also specifies an OpenSSH version that
corresponds to *neither* of the versions you mentioned in comment#1.

You are applying a FIPS patch to OpenSSH or are you not?  Are you
building a stock(ish) OpenSSH against a FIPS OpenSSL?   Exactly which
versions are you talking about and exactly which modifications are you
making to it?

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list