OpenSSH use of OpenSSL in FIPS Mode

Stan Kladko kladko at
Tue Mar 6 12:01:22 EST 2007

My understanding is that the OpenSSL module supports the cryptographic key 
establishment algorithms used in OpenSSH, such as Diffie-Hellman. If OpenSSH 
properly uses these algorithm implementations it will be in a similar class 
with respect to FIPS 140-2 compliance as Microsoft Internet Explorer, VPN 
client and other well known software titles which use Microsoft Crypto 


----- Original Message ----- 
From: "Joshua Hill" <josh-lists at>
To: "Stan Kladko" <kladko at>
Cc: <openssh-unix-dev at>
Sent: Monday, March 05, 2007 3:36 PM
Subject: Re: OpenSSH use of OpenSSL in FIPS Mode

> On Mon, Mar 05, 2007 at 01:28:20PM -0800, Stan Kladko wrote:
>> It is specified that the module provides "all the cryptographic services 
>> in
>> the solution".
> Do you not consider key establishment a "cryptographic service"?
> It would seem that we are largely speaking past each other in this
> instance.  I acknowledge that some services (such as Anti-Virus, as you
> mentioned) may be generally considered a "security service", but would
> not normally be relevant to FIPS 140.
> This is not the matter at hand, however.  The matter at hand is: "Should
> OpenSSH be modified to allow it to use the FIPS module within OpenSSL?"
> My contention is that this would not be particularly useful action to
> take as:
> (1) Key establishment _is_ relevant to FIPS 140.
> (2) OpenSSH implements key establishment such that the protocol is
> largely outside of OpenSSL.  Yes, OpenSSH uses the underlying crypto
> algorithms provided by OpenSSL, but the key establishment is done
> outside OpenSSL.
> As a consequence of (1) and (2), if one were to modify OpenSSH to take
> advantage of the validated portion of OpenSSL, one would still not
> have a package that would be appropriate for use within the US Federal
> Government.
> In fact, to accomplish this end, one would still have to go through
> a separate validation process for the OpenSSH functionality, which
> means that it's about the same condition prior to the entire OpenSSL
> sub-component validation.
> Josh 

More information about the openssh-unix-dev mailing list