rpms
/
openssh
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,053 Commits 32 Branches 239 Tags 9.6 MiB
Commit Graph

11 Commits

Author SHA1 Message Date
Jakub Jelen 36fef5669a openssh-8.1p1-1 + 0.10.3-8 2019-10-09 10:24:21 +02:00
Jakub Jelen 5eb2d51328 Add missing hostkey certificate algorithms to the FIPS list 2019-07-26 09:27:52 +02:00
Jakub Jelen d19ba936f2 Do not attempt to generate DSA and ED25519 keys in FIPS mode 2019-07-26 09:27:52 +02:00
Jakub Jelen f660e11adc FIPS: Do not fail if FIPS-unsupported algorithm is provided in configuration or on command line 
This effectively allows to use some previously denied algorithms
in FIPS mode, but they are not enabled in default hardcoded configuration
and disabled by FIPS crypto policy.

Additionally, there is no guarantee they will work in underlying OpenSSL.

Resolves: rhbz#1625318
 2019-05-07 11:57:30 +02:00
Jakub Jelen def1debf2e openssh-8.0p1-1 + 0.10.3-7 
Resolves rhbz#1701072
 2019-04-29 14:12:13 +02:00
Jakub Jelen cb35953bec The FIPS_mode() is in different header file 2019-03-21 17:02:28 +01:00
Jakub Jelen 81a703d751 Do not allow negotiation of unknown primes with DG GEX in FIPS mode 2019-03-12 15:16:35 +01:00
Jakub Jelen e8876f1b1f Honor GSSAPIServerIdentity for GSSAPI Key Exchange (#1637167) 2018-10-19 11:41:34 +02:00
Jakub Jelen eaa7af2e41 rebase patches to openssh-7.9p1 2018-10-19 11:41:07 +02:00
Jakub Jelen bbf61daf97 openssh-7.8p1-1 + 0.10.3-5 
New upstream release including:
 * Dropping entropy patch
 * Remove default support for MD5 fingerprints
 * Porting all the downstream patches and pam_ssh_agent_auth
   to new sshbuf and sshkey API
 * pam_ssh_agent_auth is no longer using MD5 fingerprints
 2018-08-24 23:16:24 +02:00
Jakub Jelen 44e2032a0a fips: Show real list of kex algoritms in FIPS 2018-08-08 10:18:27 +02:00