Hi All,
Am using openssl-fips-2.0.14 at server side on top of openssl1.0.2K. Created DSA2048 host key at server which is running in FIPS mode,
With this configuration when am trying to do SSH from ssh client am getting below error.
===========================================================
The authenticity of host '135.249.23.182 (135.249.23.182)' can't be established
but keys of different type are already known for this host.
DSA key fingerprint is 31:75:2c:96:ac:9c:11:f8:3b:39:0b:86:ba:88:51:02.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '135.249.23.182' (DSA) to the list of known hosts.
ssh_dss_verify: remaining bytes in signature 24
key_verify failed for server_host_key
With this configuration when am trying to do SSH from ssh client am getting below error.
===========================================================
The authenticity of host '135.249.23.182 (135.249.23.182)' can't be established
but keys of different type are already known for this host.
DSA key fingerprint is 31:75:2c:96:ac:9c:11:f8:3b:39:0b:86:ba:88:51:02.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '135.249.23.182' (DSA) to the list of known hosts.
ssh_dss_verify: remaining bytes in signature 24
key_verify failed for server_host_key
========================================================
SSH client version is
OpenSSH_6.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013
OpenSSH_6.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013
In FIPS use guide doI see, DSA 2048 is supported.
Does any one faced similar issue ?If so pls share the findings.
Does any one faced similar issue ?If so pls share the findings.
--
--
Regards
Manju
--
“Take care of the earth and she will take care of you.”
Regards
Manju
--
“Take care of the earth and she will take care of you.”
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
