5.4p1 and FIPS 140-2

Roumen Petrov openssh at roumenpetrov.info
Tue Mar 16 07:41:54 EST 2010


Bryan wrote:
> My office is working with government contracts, and it appears that they
> are wanting FIPS enabled OpenSSL and OpenSSH is coming in the next year.
> We have been able to compile OpenSSL to create the container, but all
> the diffs to enable FIPS 140-2 in OpenSSH are for 5.3p1. Will the diffs
> from:
>
> https://bugzilla.mindrot.org/attachment.cgi?id=1789&action=edit
>
> build in 5.4p1 will a little find/replace version magic? Any chance that
> this will show up in the OpenBSD snaps, as I just found out you have PKI
> integration.

No OpenSSH don't support PKI.

> Thank you
> Bryan Brake

Roumen

-- 
Get X.509 certificates support in OpenSSH:
http://roumenpetrov.info/openssh/


More information about the openssh-unix-dev mailing list