Bug 617227

Summary: ssh on RHEL6 on s390x with enabled FIPS fails with enabled CPACF
Product: Red Hat Enterprise Linux 6 Reporter: Miroslav Vadkerti <mvadkert>
Component: opensshAssignee: Jan F. Chadima <jchadima>
Status: CLOSED DUPLICATE QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact:
Priority: low    
Version: 6.0CC: tmraz
Target Milestone: rcKeywords: Reopened
Target Release: ---   
Hardware: s390x   
OS: Linux   
Whiteboard: Regression
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-08-02 12:29:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 618595    
Bug Blocks:    

Description Miroslav Vadkerti 2010-07-22 14:31:36 UTC 
Description of problem:
When I try to connect to sshd running on s390x EL6 with FIPS the connection fails:

[mvadkert@freedom ~]$ ssh root@s390x_machine -v
OpenSSH_5.4p1, OpenSSL 1.0.0a-fips 1 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to s390x_machine [ipv6_addr] port 22.
debug1: connect to address ipv6_addr port 22: Network is unreachable
debug1: Connecting to s390x_machine  [ipv4_addr] port 22.
debug1: Connection established.
debug1: identity file /home/mvadkert/.ssh/id_rsa type -1
debug1: identity file /home/mvadkert/.ssh/id_rsa-cert type -1
debug1: identity file /home/mvadkert/.ssh/id_dsa type -1
debug1: identity file /home/mvadkert/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.4
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client 3des-cbc hmac-sha1 none
debug1: kex: client->server 3des-cbc hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
Connection closed by ipv4_addr

This works in RHEL5

Version-Release number of selected component (if applicable):
openssh-5.3p1-18.el6

How reproducible:
always

Steps to Reproduce:
1. ssh s390x_machine
  
Actual results:
ssh fails

Expected results:
ssh succeeds

Additional info:
I changed the hostname and ipv4/ipv6 addresses. 
As this works in EL5.5 I'm marking this as an regression.
Note this works on x86_64, this may be an s390x only bug
Comment 1 Miroslav Vadkerti 2010-07-27 08:37:35 UTC 
I cannot reproduce this on FIPS enbled s390x without enabled 'crypto chip' (CPACF). Adjusting bug summary to reflect this.
Comment 3 Miroslav Vadkerti 2010-07-27 09:06:24 UTC 
Very strange but I couldn't reproduce this again on s390 wit CPACF enabled with latest openssh-5.3p1-19.el6.s390x. Closing as not a bug.
Comment 5 Miroslav Vadkerti 2010-07-27 09:22:54 UTC 
Only FIPS approved cryptographic algorithms are accepted by openssh running on FIPSwith enabled CPACF:

$ ssh -c arcfour128 root@auto-s390-002
no matching cipher found: client arcfour128 server aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc,rijndael-cbc.se
Comment 7 Miroslav Vadkerti 2010-07-27 09:35:26 UTC 
NOTE:
Comments 1-5 apply ONLY for OpenSSH in FIPS mode WITHOUT CPACF. 

Using CPACF in FIPS mode is broken in openssh-5.3p1-19.el6.s390x
Comment 8 Miroslav Vadkerti 2010-07-27 09:47:18 UTC 
For log from client see comment 6/

Logs on server show this:

/var/log/messages:
Jul 27 05:42:45 auto-s390-002 sshd[3197]: error: Could not load host key: /etc/ssh/ssh_host_rsa_key

/var/log/secure:
Jul 27 05:47:04 auto-s390-002 sshd[3210]: FIPS mode initialized

I will try to run sshd in debug mode
Comment 14 Tomas Mraz 2010-08-02 12:29:48 UTC 
This is really a duplicate of the bug 618595.

If the ibmca engine for openssl and the HW is FIPS certified, then the engine must set proper flag for its RSA implementation method.

*** This bug has been marked as a duplicate of bug 618595 ***