[openssl-users] /dev/random in FIPS mode Error: PRNG not seeded

2018-09-12 Thread Cipher
Hello,

We have a custom hardware system running Linux Debian OS having openssl
1.0.2l compiled with FIPS module 2.0. We are trying for FIPS 140-2
certification.

By default it looks like openssl RAND_poll() uses /dev/urandom for entropy.
We are told this may not be acceptable for FIPS 140-2 Level 1 certification
and we should be using /dev/random. So we patched e_os.h to change the order to
use "/dev/random" rather than /dev/urandom.

 i.e. before:  #define DEVRANDOM  "/dev/urandom","/dev/random"
      after:   #define DEVRANDOM  "/dev/random","/dev/urandom"

Now we see that openssl is using /dev/random, but the problem is openssl
operations randomly fail when run multiple times with "PRNG not seeded"
error. This is in spite of having rngd installed to boost entropy.

[root@debian ~]# OPENSSL_FIPS=1 openssl version
FIPS mode ON.
OpenSSL 1.0.2l-fips  25 May 2017
[root@debian ~]# OPENSSL_FIPS=1 openssl version
FIPS mode ON.
OpenSSL 1.0.2l-fips  25 May 2017
[root@debian ~]#
[root@debian ~]# OPENSSL_FIPS=1 openssl version
139889362065040:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md_rand.c:549:You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html
139889362065040:error:2D07406D:FIPS routines:FIPS_drbg_instantiate:error retrieving entropy:fips_drbg_lib.c:284:
139889362065040:error:24066067:random number generator:RAND_init_fips:error instantiating drbg:rand_lib.c:293:
139889362065040:error:04088003:rsa routines:RSA_setup_blinding:BN lib:rsa_crpt.c:212:
139889362065040:error:04066044:rsa routines:RSA_EAY_PRIVATE_ENCRYPT:internal error:rsa_eay.c:443:
139889362065040:error:2D079089:FIPS routines:fips_pkey_signature_test:test failure:fips_post.c:334:Type=RSA SHA256 PSS
139889362065040:error:2A067068:lib(42):ECDSA_sign_setup:random number generation failed:ecs_ossl.c:149:
139889362065040:error:2A06502A:lib(42):ECDSA_do_sign:reason(42):ecs_ossl.c:308:
139889362065040:error:2D079089:FIPS routines:fips_pkey_signature_test:test failure:fips_post.c:334:Type=ECDSA P-224
139889362065040:error:0A06B003:dsa routines:DSA_sign_setup:BN lib:dsa_ossl.c:318:
139889362065040:error:0A070003:dsa routines:DSA_do_sign:BN lib:dsa_ossl.c:225:
139889362065040:error:2D079089:FIPS routines:fips_pkey_signature_test:test failure:fips_post.c:334:Type=DSA SHA384

[root@debian ~]# cat /proc/sys/kernel/random/entropy_avail
3090
[root@debian ~]#

A few questions:
1) Would anyone know if usage of /dev/random as openssl entropy source is
mandatory for FIPS 140-2 certification?
2) entropy_avail shows 3090, yet we hit the 'PRNG not seeded' error. Is this
because every FIPS_mode_set(1) call utilizes a lot of entropy for selfTests
etc.? Is there any entropy estimate for each FIPS_mode_set() call?
3) Is there a way to avoid this issue with openssl code changes? i.e. by
doing some sort of auto-fallback to /dev/urandom if the /dev/random pool is
drained.
4) Since /dev/random is blocking, shouldn't openssl commands get stuck rather
than error out if enough entropy is not available? Is there a way to do such a
thing (by waiting for the pool to get replenished)? If yes, what part of the
code needs to be changed?

Thanks in Advance,
D



--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
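
The behaviour asked about in question 4 of the post above, as an added example (not code from the original post or from OpenSSL): OpenSSL 1.0.x opens the DEVRANDOM devices non-blocking and waits only briefly on each, so a drained /dev/random yields a short read instead of a hang, and the caller has to treat the generator as unseeded. The function names, the 32-byte request and the 10 ms wait are assumptions chosen for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <time.h>
#include <unistd.h>

/* Milliseconds on a monotonic clock, used to enforce one overall deadline. */
static long now_ms(void)
{
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return (long)ts.tv_sec * 1000L + ts.tv_nsec / 1000000L;
}

/*
 * Read up to `want` bytes from `fd`, waiting at most `timeout_ms` in total.
 * Returns the number of bytes actually read (possibly fewer than `want`),
 * or -1 on a real I/O error. The descriptor is switched to O_NONBLOCK so
 * read() itself can never hang on an empty pool.
 */
ssize_t read_entropy_bounded(int fd, unsigned char *buf, size_t want,
                             int timeout_ms)
{
    size_t got = 0;
    long deadline = now_ms() + timeout_ms;
    int flags = fcntl(fd, F_GETFL);

    if (flags < 0 || fcntl(fd, F_SETFL, flags | O_NONBLOCK) < 0)
        return -1;

    while (got < want) {
        struct pollfd p = { .fd = fd, .events = POLLIN };
        long left = deadline - now_ms();
        ssize_t n;
        int rc;

        if (left <= 0)
            break;                      /* deadline reached */
        rc = poll(&p, 1, (int)left);
        if (rc < 0) {
            if (errno == EINTR)
                continue;
            return -1;
        }
        if (rc == 0)
            break;                      /* nothing delivered in time */
        n = read(fd, buf + got, want - got);
        if (n > 0)
            got += (size_t)n;
        else if (n == 0)
            break;                      /* EOF */
        else if (errno != EAGAIN && errno != EINTR)
            return -1;
    }
    return (ssize_t)got;
}

/*
 * 1 when the whole request was satisfied; 0 when the caller must treat the
 * generator as unseeded (the condition reported as "PRNG not seeded").
 */
int seeded(ssize_t got, size_t want)
{
    return got >= 0 && (size_t)got == want;
}

int main(void)
{
    unsigned char buf[32];              /* assumed seed size, illustration only */
    int fd = open("/dev/random", O_RDONLY | O_NONBLOCK);
    ssize_t got;

    if (fd < 0) {
        perror("open /dev/random");
        return 1;
    }
    got = read_entropy_bounded(fd, buf, sizeof buf, 10);   /* assumed 10 ms */
    close(fd);
    printf("got %ld of %lu bytes: %s\n", (long)got, (unsigned long)sizeof buf,
           seeded(got, sizeof buf) ? "seeded" : "not seeded");
    return seeded(got, sizeof buf) ? 0 : 2;
}
```

A blocking variant would simply omit O_NONBLOCK and the deadline, at the cost of hanging the command until the pool refills.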


RE: openssl 1.0.1e - bad sig size 32 32 for DSA 2048 keys

2013-06-03 Thread Cipher
Thanks for the quick reply.
Since FIPS-140-3 may limit the DSA key size to be not less than 2048, is there
a chance of 2048 DSA key support in the near future upstream versions of
openssl?


Thanks.



--
View this message in context: 
http://openssl.6102.n7.nabble.com/openssl-1-0-1e-bad-sig-size-32-32-for-DSA-2048-keys-tp45189p45402.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org


openssl 1.0.1e - bad sig size 32 32 for DSA 2048 keys

2013-05-21 Thread Cipher
Hi,

I built and installed openssl 1.0.1e. When I try to connect using ssh with
2048 DSA keys, I get the *bad sig size 32 32* error.
Is this a bug?
Here is how I created the keys.

openssl version
 OpenSSL 1.0.1e-fips 11 Feb 2013
openssl dsaparam -out dsaparam.pem 2048
openssl gendsa -out ssh_dsa_key dsaparam.pem

In sshd_config,
HostKey ssh_dsa_key

Here is the debug log.

Server listening on 0.0.0.0 port 22.
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
Connection from 198.14.64.100 port 54130
debug1: Client protocol version 2.0; client software version OpenSSH_5.5p1
Debian-6+squeeze1
debug1: match: OpenSSH_5.5p1 Debian-6+squeeze1 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1
debug1: permanently_set_uid: 101/65534 [preauth]
debug1: list_hostkey_types: ssh-dss [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client-server aes128-ctr hmac-md5 none [preauth]
debug1: kex: server-client aes128-ctr hmac-md5 none [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth]
bad sig size 32 32
mm_answer_sign: key_sign failed
debug1: do_cleanup


Thanks in Advance.



--
View this message in context: 
http://openssl.6102.n7.nabble.com/openssl-1-0-1e-bad-sig-size-32-32-for-DSA-2048-keys-tp45189.html


FIPS_Mode_set() and Integrity check

2013-05-15 Thread Cipher
Hi All,

I have a question about FIPS mode and Integrity check.
1) I built the FIPS 2.0.2 module and libcrypto.1.0.0 with FIPS, dynamically
linked against *sshd* and installed on the target machine, which is working
fine.
2) I cleaned up the libraries, built the FIPS module and libcrypto.so.1.0.0
again and replaced the earlier libcrypto on the target machine with the new
library.

SSHD dumped once, and after restart it is working fine in FIPS mode. Since
FIPS mode is turned on, the integrity test must have passed.
How is the integrity check passing in this case? Does fipscanister create the
same fingerprint for different compilations? Or is the integrity check
confined only to the libcrypto library and doesn't depend on the executable?

Thanks.



--
View this message in context: 
http://openssl.6102.n7.nabble.com/FIPS-Mode-set-and-Integrity-check-tp45125.html


compiling mod_ssl as shared forms mod_ssl.a and not mod_ssl.so

2013-05-09 Thread Cipher
Hi,
I am trying to compile httpd 2.4.4 with openssl 1.0.1e. I want mod_ssl to be
linked dynamically as mod_ssl.so. But compiling using the following config
options results in mod_ssl.a.

 ./configure --prefix=/etc/apache2  --with-ssl=/openssl_cc1 *--enable-so
--enable-mods-shared=all* --enable-http --enable-unixd=static
--enable-deflate --enable-expires --enable-slotmem-shm --enable-headers
--enable-rewrite --enable-proxy --enable-proxy-balancer --enable-proxy-http
--enable-proxy-fcgi --enable-mime-magic *--enable-ssl=shared*
--enable-log-debug --with-mpm=prefork

I tried with options like --enable-shared=ssl, --enable-ssl=shared,
--enable-ssl. But none of them seem to work out.
Interestingly, some other modules are built as *so* files, for example
mod_heartbeat.so, mod_mime_magic.so etc.

These mod_ssl files are formed after compiling:
./modules/ssl/mod_ssl.slo
./modules/ssl/.libs/mod_ssl.a
./modules/ssl/.libs/mod_ssl.lai
./modules/ssl/.libs/mod_ssl.la
./modules/ssl/mod_ssl.la

Where am I going wrong here?

Thanks.




--
View this message in context: 
http://openssl.6102.n7.nabble.com/compiling-mod-ssl-as-shared-forms-mod-ssl-a-and-not-mod-ssl-so-tp45039.html


Re: Is it possible to configure only TLSv1.2 ciphers for FIPS?

2013-04-29 Thread Cipher
Hi Jakob,

I am using Openssl 1.0.1e compiled against FIPS 2.0.2.
Thanks a lot! That was some great information. We will upgrade to 2.3.x
since we need OCSP support as well.
Any idea which is the stable version in 2.3.x?

Hi Viktor,
/And then protocols here.  Which do you want, the protocol or the ciphers?/ 
Sorry, I was under the impression that selecting the TLS version automatically
sets the same versioned ciphers. I may be mistaken here. Jakob's mail clears
up the confusion for me.
Thanks!

Cipher.



--
View this message in context: 
http://openssl.6102.n7.nabble.com/Is-it-possible-to-configure-only-TLSv1-2-ciphers-for-FIPS-tp44905p44946.html


FIPS with openssl 1.0.1c strange error

2013-04-26 Thread Cipher
I cross compiled openssl 1.0.1c with FIPS with the following commands:
For the FIPS module:
./config
make

For openssl:
./config fips no-asm shared
--with-fipsdir=/software/openssl/openssl-fips-2.0.2/
export FIPS_SIG=/software/openssl/openssl-fips-2.0.2/util/incore
changed fipsld line 132 to ${FIPS_SIG} -dso ${TARGET}
make

Everything was fine. openssl was working fine after installing on the target
machine.
I had to rebuild libcrypto for some reason. With the same options I did a
clear build and created libcrypto.so.1.0.0.
But on the target system, after installing, I get this when I run openssl.
[root@PC ~]# openssl
b69a5b834670cad92f1ecced70bc732857b3580e
[root@PC ~]# openssl ciphers
b69a5b834670cad92f1ecced70bc732857b3580e
[root@PC ~]

What does this mean?
Both libcrypto.so.1.0.0 files (earlier and new) are equal in size and the
symbols also match.

[root@PC~]# nm -f 'sysv' *libcrypto.so.1.0.0_earler* |grep fips|grep .rodata
fips_des_sptrans    |00190aa0|   R  |   OBJECT|0800| |.rodata
fips_sha1_version   |001909e0|   R  |   OBJECT|0030| |.rodata
fips_sha256_version |00190a20|   R  |   OBJECT|0033| |.rodata
fips_sha512_version |00190a60|   R  |   OBJECT|0033| |.rodata
[root@PC~]# nm -f 'sysv' *libcrypto.so.1.0.0* |grep fips|grep .rodata
fips_des_sptrans    |00190aa0|   R  |   OBJECT|0800| |.rodata
fips_sha1_version   |001909e0|   R  |   OBJECT|0030| |.rodata
fips_sha256_version |00190a20|   R  |   OBJECT|0033| |.rodata
fips_sha512_version |00190a60|   R  |   OBJECT|0033| |.rodata

But the diff command says they are different.

Is this something to do with env setup? I checked both Makefiles and they
are the same.

Please, someone help with this. I am frustrated with this.



--
View this message in context: 
http://openssl.6102.n7.nabble.com/FIPS-with-openssl-1-0-1c-strange-error-tp44927.html


Re: OpenSSL internal error, assertion failed: Low level API call to cipher AES forbidden in FIPS mode

2013-04-25 Thread Cipher
I changed evp_*_ctr to EVPs in cipher.c . Now SSH connection takes place, but
after authentication connection gets closed.

Here is the debug mode log.
[root@PC]# ssh -p 2024 localhost
root@localhost's password: 
Write failed: Broken pipe
[root@PC]# 

debug1: sshd version OpenSSH_6.1p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/sshd'
debug1: rexec_argv[1]='-d'
FIPS mode initialized
Set /proc/self/oom_adj from 0 to -17
debug1: Bind to port 2024 on 0.0.0.0.
Server listening on 0.0.0.0 port 2024.
debug1: Bind to port 2024 on ::.
Server listening on :: port 2024.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
FIPS mode initialized
debug1: inetd sockets after dupping: 3, 3
Connection from 127.0.0.1 port 55851
debug1: Client protocol version 2.0; client software version OpenSSH_5.5p1
Debian-6+squeeze1
debug1: match: OpenSSH_5.5p1 Debian-6+squeeze1 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1
debug1: permanently_set_uid: 101/65534 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client-server aes128-ctr hmac-sha1 none [preauth]
debug1: kex: server-client aes128-ctr hmac-sha1 none [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user root service ssh-connection method none
[preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: userauth-request for user root service ssh-connection method
password [preauth]
debug1: attempt 1 failures 0 [preauth]
Accepted password for root from 127.0.0.1 port 55851 ssh2
*ssh_aes_ctr_iv: no context [preauth]*
debug1: do_cleanup [preauth]
debug1: monitor_read_log: child log fd closed
debug1: monitor_child_preauth: root has been authenticated by privileged
process
debug1: do_cleanup
debug1: Killing privsep child 1519

cipher-ctr.c needs to be modified as well?

void ssh_aes_ctr_iv(EVP_CIPHER_CTX *evp, int doset, u_char * iv, size_t len)
{
        struct ssh_aes_ctr_ctx *c;

        /* the CTR state lives in the EVP context's app data */
        if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL)
                fatal("ssh_aes_ctr_iv: no context");
        if (doset)
                memcpy(c->aes_counter, iv, len);   /* set counter from iv */
        else
                memcpy(iv, c->aes_counter, len);   /* export counter to iv */
}

Thanks.




--
View this message in context: 
http://openssl.6102.n7.nabble.com/OpenSSL-internal-error-assertion-failed-Low-level-API-call-to-cipher-AES-forbidden-in-FIPS-mode-tp44864p44897.html


Re: OpenSSL internal error, assertion failed: Low level API call to cipher AES forbidden in FIPS mode

2013-04-25 Thread Cipher
Hi Steve,
Thanks for the suggestion. It worked.

*ssh_aes_ctr_iv: no context [preauth]* message was coming because I was
passing EVP type to that function. Now it's fine after passing evp.

Thanks,
Cipher



--
View this message in context: 
http://openssl.6102.n7.nabble.com/OpenSSL-internal-error-assertion-failed-Low-level-API-call-to-cipher-AES-forbidden-in-FIPS-mode-tp44864p44899.html


Re: OpenSSL internal error, assertion failed: Low level API call to cipher AES forbidden in FIPS mode

2013-04-25 Thread Cipher
Hi Steve,
Thanks for the suggestion. It worked.

*ssh_aes_ctr_iv: no context [preauth]* message was coming because I was
checking against EVP_aes_128_ctr for the type.

It should be:
Cipher.c:385    if (c->evptype == evp_aes_128_ctr)
                        ssh_aes_ctr_iv(&cc->evp, 0, iv, len);


Thanks,
Cipher



--
View this message in context: 
http://openssl.6102.n7.nabble.com/OpenSSL-internal-error-assertion-failed-Low-level-API-call-to-cipher-AES-forbidden-in-FIPS-mode-tp44864p44900.html


Is it possible to configure only TLSv1.2 ciphers for FIPS?

2013-04-25 Thread Cipher
Hi,
For FIPS work, we are planning to support only TLSv1.2 ciphers. Is there a
configuration option to use *only* TLSv1.2 ciphers?
We are using the apache/mod_ssl engine (v 2.2.16). The *SSLProtocol* directive
does not support a TLSv1.1/TLSv1.2 option.

If there is no config option, which functions need to be changed to support
only TLSv1.2 in FIPS mode? (If the list is not so long)

Any inputs are highly appreciated.

Thanks,
Cipher
 



--
View this message in context: 
http://openssl.6102.n7.nabble.com/Is-it-possible-to-configure-only-TLSv1-2-ciphers-for-FIPS-tp44905.html


Re: FIPS_rand_set_key and FIPS_rand_seed

2013-04-24 Thread Cipher
I found the solution, it has nothing to do with forking. Here is what I did:
I was writing the IN FIPS MODE message to *stdout*. When sshd forks a
child process to handle scp, this stdout was being passed over the pipe,
causing the issue.
My issue got resolved after writing the FIPS mode message to *stderr*.

Thanks.

 



--
View this message in context: 
http://openssl.6102.n7.nabble.com/FIPS-rand-set-key-and-FIPS-rand-seed-tp44828p44863.html


OpenSSL internal error, assertion failed: Low level API call to cipher AES forbidden in FIPS mode

2013-04-24 Thread Cipher
Hi,

I compiled and installed FIPS capable OPENSSL 1.0.1c and OPENSSH 6.1p1 with
FIPS.
While debugging I found that SSH fails for *ctr* mode of cipher operation.
Here is what I get when I connect using aes256-ctr or aes128-cbc


FIPS mode initialized
debug1: inetd sockets after dupping: 3, 3
Connection from 127.0.0.1 port 51395
debug1: Client protocol version 2.0; client software version OpenSSH_5.5p1
Debian-6+squeeze1
debug1: match: OpenSSH_5.5p1 Debian-6+squeeze1 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1
debug1: permanently_set_uid: 101/65534 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client-server aes256-ctr hmac-sha1 none [preauth]
debug1: kex: server-client aes256-ctr hmac-sha1 none [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent [preauth]
aes_misc.c(73): OpenSSL internal error, assertion failed: Low level API call
to cipher AES forbidden in FIPS mode!
debug1: do_cleanup

This issue doesn't happen with aes128-cbc. What is wrong here?

aes_misc(73):
#ifdef OPENSSL_FIPS
        fips_cipher_abort(AES);
#endif

How does it differentiate between different modes?
Thanks,
Cipher





--
View this message in context: 
http://openssl.6102.n7.nabble.com/OpenSSL-internal-error-assertion-failed-Low-level-API-call-to-cipher-AES-forbidden-in-FIPS-mode-tp44864.html


Re: AES key wrap feature unavailable in FIPS mode OpenSSL?

2013-04-24 Thread Cipher
Hi,
Given the point this was posted in 2011, I hope this is resolved and I can
get some help with my problem!
I have a similar problem with openssl 1.0.1c compiled with FIPS 2.0.2 and
OPENSSH 6.1p1.
Here is the debug mode of sshd with the aes256-ctr cipher

FIPS mode initialized
debug1: inetd sockets after dupping: 3, 3
Connection from 127.0.0.1 port 51395
debug1: Client protocol version 2.0; client software version OpenSSH_5.5p1
Debian-6+squeeze1
debug1: match: OpenSSH_5.5p1 Debian-6+squeeze1 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1
debug1: permanently_set_uid: 101/65534 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client-server aes256-ctr hmac-sha1 none [preauth]
debug1: kex: server-client aes256-ctr hmac-sha1 none [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent [preauth]
aes_misc.c(73): OpenSSL internal error, assertion failed: Low level API call
to cipher AES forbidden in FIPS mode!
debug1: do_cleanup 

Any help is highly appreciated. Also, I read in some threads that I have to
use EVPs. How to use them? Is there a related patch?

Thanks.




--
View this message in context: 
http://openssl.6102.n7.nabble.com/AES-key-wrap-feature-unavailable-in-FIPS-mode-OpenSSL-tp18237p44865.html


Re: FIPS_rand_set_key and FIPS_rand_seed

2013-04-22 Thread Cipher
I have a related problem.
My *sshd* is compiled with FIPS 2.0.2 incorporated openssl 1.0.1c and runs
fine in SBX. But when I try to do scp from a remote system, the initial
connection is successful but the connection gets closed immediately.
If I am not wrong, scp internally calls ssh, which forks a new process to
handle scp transfers.
I couldn't check wireshark logs since messages were encrypted. I have
attached debug logs.

[root@PC log]# /sshd -d

***IN FIPS MODE***
Server Version: SSH-2.0-OpenSSH_6.1p1 FIPS
debug1: sshd version OpenSSH_6.1p1
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/sshd'
debug1: rexec_argv[1]='-d'
FIPS mode initialized
Set /proc/self/oom_adj from 0 to -17
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
FIPS mode initialized
debug1: inetd sockets after dupping: 3, 3
Connection from 198.60.40.60 port 53390
debug1: Client protocol version 2.0; client software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1
debug1: permanently_set_uid: 101/65534 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client-server aes128-cbc hmac-sha1 none [preauth]
debug1: kex: server-client aes128-cbc hmac-sha1 none [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user root service ssh-connection method none
[preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: userauth-request for user root service ssh-connection method
password [preauth]
debug1: attempt 1 failures 0 [preauth]
Accepted password for root from 198.60.40.60 port 53390 ssh2
debug1: monitor_read_log: child log fd closed
debug1: monitor_child_preauth: root has been authenticated by privileged
process
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 131072 max
32768
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request exec reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req exec
debug1: Received SIGCHLD.
debug1: session_by_pid: pid 11745
debug1: session_exit_message: session 0 channel 0 pid 11745
debug1: session_exit_message: release channel 0
debug1: session_by_channel: session 0 channel 0
debug1: session_close_by_channel: channel 0 child 0
debug1: session_close: session 0 pid 0
debug1: channel 0: free: server-session, nchannels 1
Connection closed by 198.60.40.60
debug1: do_cleanup
Transferred: sent 2608, received 1288 bytes
Closing connection to 198.60.40.60 port 53390

remote side scp command:
bash-3.00$ scp -P 22 file.c root@198.60.50.50:~/
root@198.60.50.50's password:
debug1: permanently_set_uid: 0/0
Environment:
  USER=root
  LOGNAME=root
  HOME=/root
  PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
  MAIL=/var/mail/root
  SHELL=/bin/bash
  SSH_CLIENT=198.60.40.60 53390 22
  SSH_CONNECTION=198.60.40.60 53390 198.60.50.50 22

***IN FIPS MODE***
bash-3.00$

Is it something to do with forking in FIPS mode? syslogs don't show any
entries.
Thanks in advance.



--
View this message in context: 
http://openssl.6102.n7.nabble.com/FIPS-rand-set-key-and-FIPS-rand-seed-tp44828p44846.html


ctr-mode is not supported in FIPS mode?

2013-04-09 Thread Cipher
Hi,

I compiled and installed FIPS capable OPENSSL 1.0.1c and OPENSSH 6.1p1 with
FIPS.
While debugging I found that SSH fails for *ctr* mode of cipher operation.
Is it because of a buggy patch?
Here is what I get when I connect using aes256-ctr

FIPS mode initialized
debug1: inetd sockets after dupping: 3, 3
Connection from 127.0.0.1 port 51395
debug1: Client protocol version 2.0; client software version OpenSSH_5.5p1
Debian-6+squeeze1
debug1: match: OpenSSH_5.5p1 Debian-6+squeeze1 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1
debug1: permanently_set_uid: 101/65534 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client-server aes256-ctr hmac-sha1 none [preauth]
debug1: kex: server-client aes256-ctr hmac-sha1 none [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent [preauth]
aes_misc.c(73): OpenSSL internal error, assertion failed: Low level API call
to cipher AES forbidden in FIPS mode!
debug1: do_cleanup



Thanks,
Cipher



--
View this message in context: 
http://openssl.6102.n7.nabble.com/ctr-mode-is-not-supported-in-FIPS-mode-tp44709.html


Re: FIPS enable Apache 2.4.3 with OpenSSL 1.0.1c-fips

2013-03-26 Thread Cipher
Jerry, All,

I have built FIPS capable openssl 1.0.1c and formed shared
libs (libcrypto.so.1.0.0 and libssl.so.1.0.0). Now I am trying to build
apache to make it FIPS capable. Do you mind telling me the steps involved in
building Apache with the newly built openssl? (I am cross compiling, so have
not installed openssl)
I tried downloading and building *httpd-2.2.24* / *apache_1.3.41* and
*mod_ssl 1.3.39*, but I see compatibility issues.
Can you point me to which mod_ssl version is compatible to work with openssl
1.0.1c/apache (latest)?
 



--
View this message in context: 
http://openssl.6102.n7.nabble.com/FIPS-enable-Apache-2-4-3-with-OpenSSL-1-0-1c-fips-tp42788p44538.html