Thanks for the reply. Our appliance is enabled in FIPS mode by default.
All these days, we were using openssh 6.2 with openssl 0.9.8.
Now we need to upgrade openssl to 1.0.2j.
But we would not like to upgrade openssh at this time.
So is there is any other way we can still make it work without disabling FIPS mode ?
Thanks,
Sandeep
On Sat, Jun 9, 2018 at 10:38 AM, Viktor Dukhovni <openssl-users@xxxxxxxxxxxx> wrote:
> On Jun 9, 2018, at 1:35 PM, Sandeep Deshpande <sandeep.bvb@xxxxxxxxx> wrote:
>
> We have compiled and built older version (6.2p2) of openssh with 1.0.2j version of openssl.
> When the system in is crypto mode, we are getting the following error when a user logs in :
> "
> OpenSSL internal error, assertion failed: Low level API call to digest SHA256 forbidden in FIPS mode "
>
> How do we overcome this without having to upgrade openssh ?
Don't enable FIPS mode.
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
