OpenSSH FIPS 140-2 support using OpenSSL FIPS modules?
Jakub Jelen
jjelen at redhat.com
Tue Dec 8 02:53:47 AEDT 2015
On 12/04/2015 10:02 PM, security veteran wrote:
> Hi Jakub,
>
> Another question I have is, are there any changes in this patch RedHat
> Linux distribution specific? The reason I ask is, if I port the changes to
> other Linux distribution like Debian or Ubuntu, do you see any issues?
I don't think there is something distro-specific. Distro specific parts
are handled in other patches.
> Thanks.
>
> On Fri, Dec 4, 2015 at 12:58 PM, security veteran <
> security.veteran at gmail.com> wrote:
>
>> Thanks Jakub.
>>
>> How does this patch match the OpenSSH source version? Does the patch only
>> applicable to OpenSSH version 6.6.1, or does other version available as
>> well?
>>
>> Thanks.
We were doing certification for openssh-6.6.1 last time, since it is the
thing we ship in our recent system. But we are maintaining similar patch
for current openssh version (though the name is outdated, it is for
7.1p1) for Fedora [1], even though it is not "verified" by
certification, it should fulfill similar requirements.
[1]
http://pkgs.fedoraproject.org/cgit/openssh.git/tree/openssh-6.7p1-fips.patch
--
Jakub Jelen
Security Technologies
Red Hat
More information about the openssh-unix-dev
mailing list