A third possibility: if what you meant was:

3. We have a project where we are running sshd on a server that uses OpenSSL 3.0 but we are required to run the server in FIPS-enforcing mode and use only FIPS-validated algorithms.

…then the answer might be “that’s not possible at this time.”

Not many OS vendors are shipping OpenSSL 3.0 yet. Red Hat Enterprise Linux 9 uses OpenSSL 3.0, and Red Hat has submitted the RHEL9 cryptographic modules to the CMVP for validation, but they have not yet been granted a certificate:

https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search?SearchMode=Basic&ModuleName=red+hat&CertificateStatus=Active&ValidationYear=0

Note that in theory it should be easier to perform CMVP validation of OpenSSL 3.0, because only the fips.so provider needs to be submitted for validation:

https://www.redhat.com/en/blog/experience-bringing-openssl-30-rhel-and-fedora

But apparently it is more onerous to achieve validation under the FIPS-140-3 program than the (discontinued) FIPS-140-2 program.

I do not know if any other Linux/Unix distributions both 1) are shipping OpenSSL 3.0, and 2) have achieved CMVP validation for it.