OpenSSH FIPS 140-2 support using OpenSSL FIPS modules?

Jakub Jelen jjelen at redhat.com
Wed Dec 9 00:27:52 AEDT 2015


On 12/07/2015 09:21 PM, security veteran wrote:
> Thanks Jakub.
>
> If I want to build the FIPS supported OpenSSH, do I just need to apply this
> one single patch
> http://pkgs.fedoraproject.org/cgit/openssh.git/tree/openssh-6.7p1-fips.patch
>
> to the vanilla OpenSSH source code?
>
> I saw there are few other patches for OpenSSH version 6.7p1 under the same
> folder http://pkgs.fedoraproject.org/cgit/openssh.git/tree/.
> Do I need these other patches?
It should be enough to add that one, directly related to FIPS. There 
were other unused patches, which I cleaned up now.

-- 
Jakub Jelen
Associate Software Engineer
Security Technologies
Red Hat



More information about the openssh-unix-dev mailing list