Hi,

We would like to use OpenSSH in FIPS mode. It looks like it is not provided as a configurable option through sshd_config. Are there plans to incorporate such a change?

Do we have to change the OpenSSH code for now, until the option is provided?

If sshd is operating in FIPS mode, does it provide additional errors/audits to indicate failures such as a pair-wise consistency test failing during one of the sshd internal key generations, etc.?

Please suggest any recommendations, suggestions or references on how to use OpenSSH (sshd) in FIPS mode.

Thanks and Regards,
Pavan
Hello Sudarshan,

Sudarshan Soma wrote:
> Hi,
> We would like to use openssh in fips mode.
[SNIP]

Please see http://roumenpetrov.info/secsh/ for details. Supported are the mainstream, RedHat or Solaris FIPS validated OpenSSL cryptographic libraries.

> Thanks and Regards,
> Pavan

Regards,
Roumen Petrov
--
Secure shell with X.509 certificate support
http://roumenpetrov.info/secsh/
On Fri, 2018-03-16 at 23:13 +0530, Sudarshan Soma wrote:
> Hi,
> We would like to use openssh in fips mode. It looks it is not
> provided as a configurable option through sshd_config, Are there
> plans to do incorporate such change.
>
> Do we have to change openssh code for now until the option is
> provided.
> If sshd is operating in fipsmode, does it provide additional
> errors/audits to indicate failures such as pair wise consistency
> failed during on of the sshd internal key generation, etc.
>
> Please suggest for any recomendations and suggestions or
> references on how to use openssh (sshd) in fips mode.

Using FIPS mode is more complicated than changing a configuration option or using the OpenSSL library in some way. There are several patches adding this functionality, but none of them is incorporated upstream.

Additionally, if you would like to claim you are running OpenSSH in FIPS mode, you need to undergo an audit of the code (and of OpenSSL as the crypto provider) and obtain a certificate from NIST, which is quite expensive, so I would rather recommend that you use a version that is already certified by other vendors that went this way.

Regards,
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.
Hi,

Jakub Jelen wrote on Mon, Mar 19, 2018 at 02:17:14PM +0100:
> Using FIPS mode is more complicated than changing a configuration
> option or using the OpenSSL library in some way. There are several
> patches adding this functionality, but none of them is incorporated
> upstream.

In OpenBSD and the sub-projects like LibreSSL and OpenSSH, we are convinced that providing FIPS support would actually *lower* the overall security standards of the projects, even for users that keep it disabled, because ifdefs, options and the like always make code less readable and cause an additional risk of introducing bugs.

For that reason, it is very unlikely that *any* FIPS-related patches might ever get merged. They will most likely be summarily rejected, except when they have beneficial effects unrelated to FIPS.

The lowered security standard that is caused by FIPS ought to remain restricted to those people who want it, and those people should also pay with their own money for having their security standard lowered in that way.

In a nutshell, if you want FIPS, use money and buy it somewhere, but not from OpenBSD/LibreSSL/OpenSSH directly. On the other hand, if you want the best possible security standards, stay away from FIPS.

Yours,
Ingo