[
https://issues.apache.org/jira/browse/GUACAMOLE-1669?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mike Jumper closed GUACAMOLE-1669.
----------------------------------
Fix Version/s: (was: 1.6.0)
Resolution: Fixed
> SSH Connections not working when FIPS mode is enabled on guacd host
> -------------------------------------------------------------------
>
> Key: GUACAMOLE-1669
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1669
> Project: Guacamole
> Issue Type: Bug
> Reporter: James Muehlner
> Assignee: Mike Jumper
> Priority: Major
> Fix For: 1.5.2
>
>
> SSH connections (either password auth, or private key auth) are not working
> on hosts where FIPS mode is enabled. If FIPS mode is disabled, the
> connections start working again.
>
> The problem seems to be that libssh2 negotiates to use non-FIPS-compliant key
> exchange algorithms or ciphers, and then OpenSSL refuses to use them.
> The answer is most likely to just specify a list of FIPS-compatible
> algorithms and ciphers before connecting, if FIPS mode is enabled. It's
> unclear why libssh2 isn't already doing this.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
