[jira] [Resolved] (GUACAMOLE-2012) SSH connection fails when a FIPS server offers AES-GCM cipher suites only

Nick Couchman (Jira) Thu, 04 Sep 2025 13:33:14 -0700


     [ 
https://issues.apache.org/jira/browse/GUACAMOLE-2012?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Nick Couchman resolved GUACAMOLE-2012.
--------------------------------------
    Resolution: Fixed

> SSH connection fails when a FIPS server offers AES-GCM cipher suites only
> -------------------------------------------------------------------------
>
>                 Key: GUACAMOLE-2012
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-2012
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacamole
>    Affects Versions: 1.5.5
>         Environment: FIPS 140-*
>            Reporter: Eugen Hartmann
>            Priority: Major
>             Fix For: 1.6.1
>
>
> Both *guacmole-server* and the remote *sshd* environment are FIPS 140. 
> Libssh2 error is LIBSSH2_ERROR_INVALID_MAC. The remote *sshd* error is:
> {code:java}
> Corrupted MAC on input. [preauth]{code}
> The issue is solved by adding AES GCM ciphers to the FIPS cipher list.
>  
>  
> Related: https://issues.apache.org/jira/browse/GUACAMOLE-1669
> Libssh2 AES GCM: [https://github.com/libssh2/libssh2/issues/583]
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (GUACAMOLE-2012) SSH connection fails when a FIPS server offers AES-GCM cipher suites only

Reply via email to