Yes libssh2 is using the fips version of openssl while making connection. -----Original Message----- From: curl-library [mailto:curl-library-boun...@cool.haxx.se] On Behalf Of Dan Fandrich Sent: Friday, July 25, 2014 2:08 AM To: curl-library@cool.haxx.se Subject: Re: Curl sftp issue with fips enabled openssl
On Thu, Jul 24, 2014 at 03:20:02PM +0000, Valluri, Sathish wrote: > We are facing issue in curl sftp file transfer when FIPS mode is enabled in > the > openssl-1.0.0-20 version. Is libssh2 using the FIPS version of OpenSSL as well? > > * Hostname was NOT found in DNS cache > > * Trying 10.31.252.180... > > * Connected to 10.31.252.180 (10.31.252.180) port 22 (#0) > > * Failure establishing ssh session > > * Closing connection 0 > > * Hostname was NOT found in DNS cache > > * Trying 10.31.252.180... > > * Connected to 10.31.252.180 (10.31.252.180) port 22 (#0) > > * Failure establishing ssh session > > * Closing connection 0 > > Error: Failed initialization > > > > Curl version : 7.37.1 > > Libssh version used by curl : 1.4.3 > > Openssl version : 1.0.0-20-fips > > > > If we disable fips in openssl our sftp with curl works properly. > > > Can anyone have any suggestions on how to fix this initialization issue. Disable FIPS? Just find some non-government work instead! In the meantime, enable libssh2 verbose logging and see what it says. >>> Dan ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
