mike-jumper commented on PR #391: URL: https://github.com/apache/guacamole-server/pull/391#issuecomment-1225264823
> Luckily for FIPS, there's a pretty small set of options that are both FIPS-compliant, AND libssh2-supported. I just listed those from biggest key sizes to smallest. I guess you could imagine somebody wanting to prefer smaller key sizes for performance reasons, but I'd guess that nobody would ever use such an option ¯_(ツ)_/¯ Maybe there's a way we can check what OpenSSH considers its order of priority in a FIPS environment? Googling around, I found [this page](https://techhub.hpe.com/eginfolib/networking/docs/switches/5130ei/5200-3946_security_cg/content/485048549.htm) which states: > ... In FIPS mode ... SSH2 uses the aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm, aes256-gcm, aes128-cbc, and aes256-cbc encryption algorithms in descending order of priority for algorithm negotiation. Which seems to indicate: * Prefer CTR, then GCM, then finally CBC. * Use as small a key as the SSH server will allow. There might be good reason or documentation for that. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
