OpenSSH and OpenSSL 0.9.7.e with FIPS
Steve Marquess
marquess at oss-institute.org
Sat Feb 19 04:45:53 EST 2005
Michael Selvesteen wrote:
>I use OpenSSH 3.9 on HP-UX 11vi. I compiled OpenSSL 0.9.7e by enabling
>FIPS. I found in the FIPS document that OpenSSL now contains the
>FIPS 140 specific cryptographic API and algorithm implementations
>only; i.e. the API for low level algorithms (RSA, AES, 3DES, DSA,
>SHA-1). Does it have any functional impacts on SSH.
>
>Will all the encryption algorithm used by SSH continue to work when
>FIPS is enabled in OpenSSL.
Check the openssh-unix-dev archives around the June 2004 timeframe for
a patch and discussion on a FIPS mode OpenSSH.
Note that the FIPS mode OpenSSL validation is *still* pending.
-Steve M.
Steve Marquess
Veridical Systems, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
301-524-9915 cell (weekdays)
301-831-8447 landline/fax
marquess at veridicalsystems.com
marquess at oss-institute.org
More information about the openssh-unix-dev
mailing list