Bug 1771356
Summary: | Default client configuration breaks ssh in FIPS mode. | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Florence Blanc-Renaud <frenaud> |
Component: | ipa | Assignee: | Florence Blanc-Renaud <frenaud> |
Status: | CLOSED ERRATA | QA Contact: | ipa-qe <ipa-qe> |
Severity: | urgent | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.8 | CC: | cheimes, ipa-qe, jjelen, ksiddiqu, pcech, rcritten, ssidhaye, ssorce, tscherf |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-4.6.6-12.el7 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | 1756432 | Environment: | |
Last Closed: | 2020-09-29 19:58:29 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1756432 | ||
Bug Blocks: |
Description
Florence Blanc-Renaud
2019-11-12 09:04:11 UTC
Fixed upstream ipa-4-6: https://pagure.io/freeipa/c/7cd1d565ac2b240eda697dbebb043a1a2885d23a RHEL-7.8 is already near the end of a Development Phase and development is being wrapped up. This bug is being moved to RHEL 7.9. If you believe this particular bug should be reconsidered for 7.8, please let us know. Verified with following scenarios (1) Install scenario : HostKeyAlgorithms not added in /etc/ssh/ssh_config after ipa-client install (2) Upgrade scenario : HostKeyAlgorithms is commented out in /etc/ssh/ssh_config after ipa-client install rpm upgrade. [root@dhcp34-39 ~]# rpm -q ipa-client ipa-client-4.6.8-2.el7.x86_64 [root@dhcp34-39 ~]# Please find the attached file for verification and output. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: ipa security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:3936 |