OpenSSH FIPS support
ralston at pobox.com
Sat Mar 11 08:47:08 AEDT 2023
A third possibility: if what you meant was:
3. We have a project where we are running sshd on a server that
uses OpenSSL 3.0 but we are required to run the server in
FIPS-enforcing mode and use only FIPS-validated algorithms.
…then the answer might be “that’s not possible at this time.”
Not many OS vendors are shipping OpenSSL 3.0 yet. Red Hat Enterprise
Linux 9 uses OpenSSL 3.0, and Red Hat has submitted the RHEL9
cryptographic modules to the CMVP for validation, but they have not
yet been granted a certificate:
Note that in theory it should be easier to perform CMVP validation of
OpenSSL 3.0, because only the fips.so provider needs to be submitted
But apparently it is more onerous to achieve validation under the
FIPS-140-3 program than the (discontinued) FIPS-140-2 program.
I do not know if any other Linux/Unix distributions both 1) are
shipping OpenSSL 3.0, and 2) have achieved CMVP validation for it.
More information about the openssh-unix-dev