OpenSSH FIPS support

James Ralston ralston at
Sat Mar 11 08:47:08 AEDT 2023

A third possibility: if what you meant was:

3. We have a project where we are running sshd on a server that
   uses OpenSSL 3.0 but we are required to run the server in
   FIPS-enforcing mode and use only FIPS-validated algorithms.

…then the answer might be “that’s not possible at this time.”

Not many OS vendors are shipping OpenSSL 3.0 yet.  Red Hat Enterprise
Linux 9 uses OpenSSL 3.0, and Red Hat has submitted the RHEL9
cryptographic modules to the CMVP for validation, but they have not
yet been granted a certificate:

Note that in theory it should be easier to perform CMVP validation of
OpenSSL 3.0, because only the provider needs to be submitted
for validation:

But apparently it is more onerous to achieve validation under the
FIPS-140-3 program than the (discontinued) FIPS-140-2 program.

I do not know if any other Linux/Unix distributions both 1) are
shipping OpenSSL 3.0, and 2) have achieved CMVP validation for it.

More information about the openssh-unix-dev mailing list