OpenSSH FIPS support

James Ralston ralston at pobox.com
Sat Mar 11 08:31:08 AEDT 2023


On Fri, Mar 10, 2023 at 10:27 AM Joel GUITTET
<jguittet.opensource at witekio.com> wrote:

> We currently work on a project that require SSH server with FIPS and
> using OpenSSL v3.

Gently: this is meaningless.  You probably mean one of the following:

1. The SSH server implementation is required to use only cryptographic
   algorithms that are FIPS-approved.

2. The SSH server implementation is required to be FIPS-validated.

If you mean #1, you don’t have to patch anything: it is trivial to
configure the various sshd options to permit only FIPS-approved
cryptographic algorithms.

If you mean #2, then patches aren’t going to help you: being
FIPS-validated means that you have submitted your cryptographic module
to the NIST CMVP (Cryptographic Module Validation Program), paid the
requisite fee, passed, and received a certificate number that others
can verify:

https://csrc.nist.gov/Projects/cryptographic-module-validation-program/validated-modules/Search

If your SSH server must be FIPS-validated, then use the CMVP search
page (above) to find an OS vendor that submits their OS cryptographic
components to the CMVP, run sshd on that OS, and make sure the OS is
configured to enforce FIPS validation.  (E.g., on a Linux host, pass
the “fips=1” parameter to the kernel via grub, and run
“update-crypto-policies --set FIPS” within the OS to configure the
various cryptography libraries to permit only FIPS-approved
algorithms.)

> Patching OpenSSH for this looks to be a massive job. Is it something
> that is considered on your side?

No patching of OpenSSH is required.


More information about the openssh-unix-dev mailing list