James Muehlner created GUACAMOLE-1669:
-----------------------------------------

             Summary: SSH Connections not working when FIPS mode is enabled on guacd host
                 Key: GUACAMOLE-1669
                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1669
             Project: Guacamole
          Issue Type: Bug
            Reporter: James Muehlner


SSH connections (either password auth, or private key auth) are not working on 
hosts where FIPS mode is enabled. If FIPS mode is disabled, the connections 
start working again.

 

The problem seems to be that libssh2 negotiates to use non-FIPS-compliant key 
exchange algorithms or ciphers, and then OpenSSL refuses to use them.

The answer is most likely to just specify a list of FIPS-compatible algorithms 
and ciphers before connecting, if FIPS mode is enabled. It's unclear why 
libssh2 isn't already doing this.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
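
One way to build the restricted lists the report proposes, as an added example (not code from Guacamole or libssh2): check the Linux FIPS flag, then filter a comma-separated algorithm list down to an allowlist. The allowlist contents and the function names `fips_enabled` and `fips_filter` are assumptions for illustration; the filtered string is the kind of value passed to `libssh2_session_method_pref()` before the handshake.

```c
#include <stdio.h>
#include <string.h>

/* Assumed allowlist for illustration; confirm against your validated module's policy. */
static const char *const FIPS_OK[] = {
    "ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521",
    "diffie-hellman-group-exchange-sha256", "diffie-hellman-group14-sha256",
    "diffie-hellman-group16-sha512", "diffie-hellman-group18-sha512",
    "aes128-ctr", "aes192-ctr", "aes256-ctr",
    "hmac-sha2-256", "hmac-sha2-512", NULL
};

/* 1 if the kernel flag file at `path` starts with '1'; 0 if not or unreadable. */
int fips_enabled(const char *path) {
    FILE *f = fopen(path, "r");
    int c = f ? fgetc(f) : EOF;
    if (f) fclose(f);
    return c == '1';
}

static int is_allowed(const char *name, size_t len) {
    for (size_t i = 0; FIPS_OK[i]; i++)
        if (strlen(FIPS_OK[i]) == len && memcmp(FIPS_OK[i], name, len) == 0)
            return 1;
    return 0;
}

/* Copy allowlisted entries of `offered` into `out`, preserving order.
 * Returns the number kept, or -1 if `out` is too small. */
int fips_filter(const char *offered, char *out, size_t outlen) {
    size_t used = 0;
    int kept = 0;
    if (outlen == 0) return -1;
    out[0] = '\0';
    while (*offered) {
        size_t len = strcspn(offered, ",");
        if (len && is_allowed(offered, len)) {
            if (used + len + 2 > outlen) return -1;  /* room for ',' and NUL */
            if (kept++) out[used++] = ',';
            memcpy(out + used, offered, len);
            out[used += len] = '\0';
        }
        offered += len;
        if (*offered == ',') offered++;
    }
    return kept;
}

int main(void) {
    char buf[256];  /* constructed sample list, not captured from a real session */
    int n = fips_filter("curve25519-sha256,ecdh-sha2-nistp256,diffie-hellman-group1-sha1", buf, sizeof buf);
    printf("fips=%d kept=%d prefs=%s\n", fips_enabled("/proc/sys/crypto/fips_enabled"), n, buf);
    return 0;
}
```

If the filter keeps nothing for a method type, fail the connection with an explicit error instead of passing an empty preference string, so the cause is visible in the guacd log.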
