Displaying 20 results from an estimated 900 matches similar to: "FIPS 140-2 certification"
2011 Jun 28
3
FIPS 140-2 compliance
I''ve just posted a feature request
<http://projects.puppetlabs.com/issues/8120> relating to FIPS 140-2
compliance. I''m pointing to it here on the mailing list because I listed
there five places where Puppet (nay, Ruby!) crashed while I was testing
a deployment using FIPS mode on all hosts. It crashed because it tried
to use MD5, and OpenSSL in FIPS mode doesn''t let
2004 Jun 04
2
Patch for FIPS 140 mode - take 3
Greetings.
(Third try at sending this, the first two seemed to disappear without a
trace.
Perhaps use of MS Outlook was the problem, even though in plain text...? Or
attachment too big (22Kb)? Would like to know...)
The final source code and documentation package for a FIPS 140 validated
mode
of OpenSSL was recently submitted. Once the final certification is
awarded by
NIST, in a month or
2015 Dec 07
2
OpenSSH FIPS 140-2 support using OpenSSL FIPS modules?
On 12/04/2015 10:02 PM, security veteran wrote:
> Hi Jakub,
>
> Another question I have is, are there any changes in this patch RedHat
> Linux distribution specific? The reason I ask is, if I port the changes to
> other Linux distribution like Debian or Ubuntu, do you see any issues?
I don't think there is something distro-specific. Distro specific parts
are handled in other
2015 Dec 04
2
OpenSSH FIPS 140-2 support using OpenSSL FIPS modules?
Thanks Jakub.
How does this patch match the OpenSSH source version? Does the patch only
applicable to OpenSSH version 6.6.1, or does other version available as
well?
Thanks.
On Fri, Dec 4, 2015 at 4:26 AM, Jakub Jelen <jjelen at redhat.com> wrote:
>
> On 12/04/2015 03:26 AM, security veteran wrote:
>
>> 3. Is there a way to re-compile OpenSSH by turning on/off some flags
2008 Apr 21
3
FIPS 140-2 OpenSSL(2007) patches
Hi,
I am happy to (re)send a set of patches for compiling OpenSSH 4.7p1 with
FIPS 140-2 OpenSSL.
These are based on previously reported patches by Steve Marquess
<marquess at ieee.org> and Ben Laurie <ben at algroup.co.uk>,
for ver. OpenSSH 3.8.
Note that these patches are NOT OFFICIAL, and MAY be used freely by
anyone.
Issues [partially] handled:
SSL FIPS Self test.
RC4,
2015 Dec 07
2
OpenSSH FIPS 140-2 support using OpenSSL FIPS modules?
Thanks Roumen.
>Lets assume that application use OpenSSL FIPS validated module. FIPS mode
is activated in openssl command if environment variable OPENSSL_FIPS is
set. Similarly I use OPENSSL_FIPS environment variable to activate FIPS
mode. Code will call FIPS_mode_set(1) if crypto module is not FIPS mode.
Did you mean the FIPS patched OpenSSH server and client (such as
ssh-keygen) always
2015 Dec 07
2
OpenSSH FIPS 140-2 support using OpenSSL FIPS modules?
Thanks Roumen.
I have few more questions below:
1. What version of OpenSSH can the patch be applied to? What branch should
I check out the patch?
2.
>Impact is not only for source code. Build process has to be updated as
well. Red Hat is based on "fipscheck".
What build process should be changed? What is fipscheck?
3. My understanding any application (such as OpenSSH) which need
2008 Jun 03
0
FIPS 140-2 OpenSSL(2007) patches
Hi Oren,
I'd VERY MUCH appreciate if you could send me a unified patch file for
openssh with fips.
In the meanwhile I'll try to work with the ones you posted.
BTW, I'm CentOS-5.1 based. My native openssh is 4.3p2. Do you think
your patch may be valid for that baseline as well? Could you make one?
I know this is a lot to ask for. Are there any other alternatives?
Many
2010 Mar 15
1
5.4p1 and FIPS 140-2
My office is working with government contracts, and it appears that they
are wanting FIPS enabled OpenSSL and OpenSSH is coming in the next year.
We have been able to compile OpenSSL to create the container, but all
the diffs to enable FIPS 140-2 in OpenSSH are for 5.3p1. Will the diffs
from:
https://bugzilla.mindrot.org/attachment.cgi?id=1789&action=edit
build in 5.4p1 will a little
2011 Aug 03
0
OpenSSH and FIPS 140-2
Does anyone knows why in some OpenSSH patches for FIPS we have something like:
SSLeay_add_all_algorithms();
if (FIPS_mode() && !FIPSCHECK_verify(NULL, NULL)) {
fprintf(stderr,
"FIPS integrity verification test failed.\n");
exit(3);
}
This block of code is always in main() soon after starting
service/client. Why are they
2013 Oct 10
3
FIPS 140-2 patch for openssh 6.3.p1
Hi,
Is FIPS 140-2 patch for openssh 6.3.p1 available somewhere or do I have to
make one using
http://www.openssl.com/export/openssh/openssh-6.0p1.fips-revised.patch ?
Regards,
Manish
2014 Feb 17
1
[ DRAFT PATCH ] - FIPS 140-2 patch for OpenSSH 6.5p1
Hi,
Here is FIPS 140-2 patch for OpenSSH 6.5p1. Since our expertise in OpenSSH
code is limited, request moderators to validate this patch and update as
required.
Regards,
Manish Jagtap
2014 Feb 17
0
[Bug 2202] New: [ DRAFT PATCH ] - FIPS 140-2 patch for OpenSSH 6.5p1
https://bugzilla.mindrot.org/show_bug.cgi?id=2202
Bug ID: 2202
Summary: [ DRAFT PATCH ] - FIPS 140-2 patch for OpenSSH 6.5p1
Product: Portable OpenSSH
Version: 6.5p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: Miscellaneous
Assignee:
2001 Apr 06
1
error:*** zlib missing
Hi, my Name is Claudia Linares and in this moment, I try to install the SSH
in a machine Sun with Solaris 2.7.
When I want to compile the software openssh-2.5.1p1 ( with Compiler CC or
with gcc), I execute the comand:
./configure but in this instant I view the following messages:
config : error:*** zlib missing - please install first or check config .log
The file config.log is this:
2007 Nov 22
3
Solaris 9 Winbind "ls -l" hangs - group mapping
OS Solaris 5.9 (9) Generic_122300-13 (clean build)
nscd daemon has been disabled and is not running
No NIS or NISPLUS
Samba Version 3.0.26a
Complied using the following options --with-acl-support -with-winbind
-with-pam
smbd, nmbd & winbind daemons are all started
[global]
workgroup = MTCB2
security = domain
log level = 3
log file =
2010 Jan 21
7
[Bug 1701] New: FIPS-140-2 requires call to RAND_cleanup() before the program using RAND exits
https://bugzilla.mindrot.org/show_bug.cgi?id=1701
Summary: FIPS-140-2 requires call to RAND_cleanup() before the
program using RAND exits
Product: Portable OpenSSH
Version: 5.3p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
2005 Oct 04
6
Animation of Mandelbrot Set
Hi,
I was playing with Mandelbrot sets and come up with the following code, I
thought I would share:
library(fields) # for tim.colors
library(caTools) # for write.gif
m = 400 # grid size
C = complex( real=rep(seq(-1.8,0.6, length.out=m), each=m ),
imag=rep(seq(-1.2,1.2, length.out=m), m ) )
C = matrix(C,m,m)
Z = 0
X = array(0, c(m,m,20))
for (k in 1:20) {
Z =
2015 Dec 04
6
OpenSSH FIPS 140-2 support using OpenSSL FIPS modules?
Hi All:
I tried to rebuild openssl with the FIPS modules, and then install the new
openssl libs (lib crypto.so to be specific) on my Ubuntu 12.04 box.
After that I noticed it seemed to break OpenSSH: I couldn't login to the
box using ssh, and couldn't run the client command like ssh-keygen either.
My questions are:
1. Does OpenSSH support FIPS mode?
2. Or does OpenSSH support with
2003 Jun 24
4
cumulative frequency distribution plot
Does R do cumulative frequency distribution plots?
--
Tommy E. Cathey, Senior Scientific Application Consultant
High Performance Computing & Scientific Visualization
SAIC, Supporting the EPA
Research Triangle Park, NC
919-541-1500 EMail: cathey.tommy at epa.gov
My e-mail does not reflect the opinion of SAIC or the EPA.
Federal Contact - John B. Smith
919-541-1087 - smith.johnb at epa.gov
2005 Feb 11
2
Incorrect disk size reported at 20.0 MB
All,
I'm recently seeing an issue with how Samba is reporting
the disk space available from a NFS share. Checking the
properties from a PC system displays all mapped network
drives as having 20.0 MB size with zero free disk space
available. We updated to Samba version 3.0.11 this morning
with no change in results. I have checked the bug reports
and haven't found anything that resembles