[FIPS] ssh to RHEL6 server fails with message “ssh_dispatch_run_fatal: Connection to XXX port 22: invalid argument”

Danila Vershinin

3 years ago

Operating System and Software

Rocky Linux 8
- openssh-clients (ssh)
- FIPS
CentOS 6
- openssh (sshd)

Problem

On a Rocky Linux 8 system with FIPS enabled, connecting to a RHEL6 system fails, ssh -v displays the following message

[...]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<8192<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
ssh_dispatch_run_fatal: Connection to XXX port 22: invalid argument

How to Fix

Please read to article SSH interoperability of Rocky Linux 8 in FIPS mode for details.

The simplest solution is to delete file /etc/ssh/moduli on the RHEL6 system serving as sshd backend.

Note that the file is shipped by openssh, hence rpm -V openssh will complain about the missing file:

# rpm -V openssh
missing   c /etc/ssh/moduli

Origin of the Problem

Please read to article SSH interoperability of Rocky Linux 8 in FIPS mode for details.

Operating System and Software

Problem

How to Fix

Origin of the Problem

Share this: