Operating System and Software
-
Rocky Linux 8
- openssh-clients (
ssh
) - FIPS
- openssh-clients (
-
CentOS 6
- openssh (
sshd
)
- openssh (
Problem
-
On a Rocky Linux 8 system with FIPS enabled, connecting to a RHEL6 system fails,
ssh -v
displays the following message[...] debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<8192<8192) sent debug1: got SSH2_MSG_KEX_DH_GEX_GROUP ssh_dispatch_run_fatal: Connection to XXX port 22: invalid argument
How to Fix
Please read to article SSH interoperability of Rocky Linux 8 in FIPS mode for details.
The simplest solution is to delete file /etc/ssh/moduli
on the RHEL6 system serving as sshd
backend.
Note that the file is shipped by openssh
, hence rpm -V openssh
will complain about the missing file:
# rpm -V openssh
missing c /etc/ssh/moduli
Origin of the Problem
Please read to article SSH interoperability of Rocky Linux 8 in FIPS mode for details.