Hi All: I tried to rebuild openssl with the FIPS modules, and then install the new openssl libs (lib crypto.so to be specific) on my Ubuntu 12.04 box. After that I noticed it seemed to break OpenSSH: I couldn't login to the box using ssh, and couldn't run the client command like ssh-keygen either. My questions are: 1. Does OpenSSH support FIPS mode? 2. Or does OpenSSH support with OpenSSL FIPS modules? 3. Is there a way to re-compile OpenSSH by turning on/off some flags to make it FIPS complaint? 4. Does the RedHat OpenSSH FIPS modules ( http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1791.pdf) also open sourced to the OpenSSH community? Thanks. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
