2nd try,
Thx
Manju
On 17 Oct 2017 3:16 pm, "Manjunath SM" <manjunathsm1@xxxxxxxxx> wrote:
Server is operating in FIPS mode(fips mode enabled thru FIPS_mode_set).Hi All,Am using openssl-fips-2.0.14 at server side on top of openssl1.0.2K.Created DSA2048 host key at server which is running in FIPS mode,
With this configuration when am trying to do SSH from ssh client am getting below error.
===========================================================
The authenticity of host '135.249.23.182 (135.249.23.182)' can't be established
but keys of different type are already known for this host.
DSA key fingerprint is 31:75:2c:96:ac:9c:11:f8:3b:39:0b:86:ba:88:51:02.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '135.249.23.182' (DSA) to the list of known hosts.
ssh_dss_verify: remaining bytes in signature 24
key_verify failed for server_host_key======================================================== SSH client version is
OpenSSH_6.4p1, OpenSSL 1.0.1e-fips 11 Feb 2013In FIPS use guide I do see, DSA 2048 is supported.
Does any one faced similar issue ?If so pls share the findings.----
Regards
Manju
--
“Take care of the earth and she will take care of you.”
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
