Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-58986

investigate bug in openssh/Sanity/use-advertised-algorithms in FIPS

    • openssh-9.9p1-1.el10
    • No
    • Low
    • 1
    • rhel-sst-security-crypto
    • ssg_security
    • 9
    • 12
    • 0.3
    • False
    • Hide

      None

      Show
      None
    • No
    • Crypto24Q4
    • Release Note Not Required
    • All
    • None

      What were you trying to do that didn't work?

      Please provide the package NVR for which the bug is seen:

      openssh-9.8p1-5.el10_fingertip.x86_64

      How reproducible is this bug?:

      always

      Steps to reproduce

      1. run TC openssh/Sanity/use-advertised-algorithms in FIPS mode
      2. the phase 'Test that other kexes don't work for client' fails
      3.  

      Expected results

      pass

      Actual results

      fail

      Additional info: as we accepted and agreed behavior changes mentioned in CRYPTO-14982 seems that in FIPS mode when wrong KEX algo is specified the default list is not used

              dbelyavs@redhat.com Dmitry Belyavskiy
              rh-ee-mbezokon Miluse Bezo Konecna
              Dmitry Belyavskiy Dmitry Belyavskiy
              Miluse Bezo Konecna Miluse Bezo Konecna
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: