second FIPS patch for openssh 6.0p1, fix pubkey
Schaaf, Jonathan P (GE Healthcare)
jonathan.P.schaaf at ge.com
Fri Aug 31 01:23:48 EST 2012
> The patch to enable FIPS mode for openssh 6.0p1 missed two instances of the ssh client trying to use MD5.
I assume you're talking about the patch I posted. My patch had another mistake... there's a third place with the same issue, in ssh-agent.c
I've updated the patch and reposted it at the same location:
http://jpschaaf.com/stuff/openssh-6.0p1-fips.diff
Comments are always appreciated... Particularly if anyone knows what the "right way" is to handle the case where cipher is NULL in authfile.c
Jonathan
More information about the openssh-unix-dev
mailing list