ssh FIPS dsa key authentication issue

2011-02-17 Thread Hai-May Chao
Using the EVP_Signxxx API to perform a FIPS mode DSA key sign will generate a signature with ASN.1 format (fips_dsa_sign.c). Therefore, the signature size is no longer 40 bytes (rlen = 20 plus slen = 20) but 48 bytes with padding and ASN.1 overhead (rlen = 20, rpad = 1, slen = 20, spad = 1, SEQUEN

Authentication failure between Non-FIPS SSHD and FIPS SSH

2011-02-02 Thread Hai-May Chao
According to the comments from http://www.mail-archive.com/openssl-users@openssl.org/msg58912.html, we should use EVP_Signxxx/EVP_Verifyxxx in FIPS mode. I verified that if both SSHD and SSH are running in FIPS mode, and both