[Bug 3855] sshd-auth sandbox limitations
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Wed Oct 22 14:09:18 AEDT 2025
https://bugzilla.mindrot.org/show_bug.cgi?id=3855
--- Comment #13 from Adrian Jarc <adrian.jarc at aviatnet.com> ---
(In reply to Damien Miller from comment #11)
> Can you share what the resolution was? It might be useful for other
> people...
Of course. The resolution was using getrandom() as you suggested. But
in our case, because WolfSSL does not have a FIPS-certified wolfCrypt
module with getrandom() implementation, we had to add a patch to
wolfProvider, which adds and uses this implementation, as FIPS
FIPS-certified wolfCrypt module does not guarantee random strength
(that means you can use a custom random generator with FIPS mode). The
patch is uploaded as attachment
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list