[Bug 3599] How to scan for keys when sshd server has fips enabled?

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Aug 31 00:33:07 AEST 2023


https://bugzilla.mindrot.org/show_bug.cgi?id=3599

--- Comment #9 from Shreenidhi Shedi <sshedi at vmware.com> ---
There is a problem in the patch.

PTAL.
```
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 1fd5867..bb59b55 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -789,11 +789,11 @@ main(int argc, char **argv)
                                        fatal("Unsupported hash
algorithm");
                        } else if (strncasecmp(optarg, "ciphers=", 8)
== 0) {
                                ciphers = xstrdup(optarg + 8);
-                               if (!mac_valid(ciphers))
+                               if (!ciphers_valid(ciphers))
                                        fatal("Unsupported ciphers");
                        } else if (strncasecmp(optarg, "macs=", 5) ==
0) {
                                macs = xstrdup(optarg + 5);
-                               if (!ciphers_valid(macs))
+                               if (!mac_valid(macs))
                                        fatal("Unsupported MACs");
                        } else if (strncasecmp(optarg,
                            "kexalgorithms=", 14) == 0) {
```

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list