FIPS integrity verification test failed when iniating SSH session

爷,独闯天下 提交于 2020-01-14 09:30:21

问题


I recently enabled the FIPS module under CentOS 6 (minimum install).

Module is confirmed working:

cat /proc/sys/crypto/fips_enabled yields 1

openssl md5 somefile(fails) and openssl sha1 somefile(succeeds).

openssl version yields OpenSSL 1.0.1e-fips 11 Feb 2013

When I attempt to ssh into a box I connect to daily, I now see a notice stating:

FIPS integrity verification test failed

The session continues and I am able to connect to the remote server. Is the connection still secure?


回答1:


The session continues and I am able to connect to the remote server. Is the connection still secure?

Yes.

OpenSSL is known as FIPS Capable. The FIPS Capable version of the library can use validated cryptography.

If FIPS_mode_set is not called, then the module is using non-validated cryptography. If FIPS_mode_set is called but fails (your situation), then the module using non-validated cryptography. In both case you are using cryptography, its just not blessed by FIPS.



来源:https://stackoverflow.com/questions/30484972/fips-integrity-verification-test-failed-when-iniating-ssh-session

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!