Description of problem: REX job failed when you enable FIPS on RHEL 8 hosts Version-Release number of selected component (if applicable): satellite-6.7.0-5.beta.el7sat.noarch How reproducible: New installation of 6.7 Beta Steps to Reproduce: 1. Register a client to your satellite server 2. Check that does your connected system has applicable errata to apply. 2. Enable FIPS on your RHEL 8 system. 3. Attempt to execute the remote command Actual results: Error initializing command: Net::SSH::HostKeyMismatch - fingerprint (could not generate fingerprint: Digest initialization failed: disabled for fips) does not match for "client.example.com,1.7.1.5" Exit status: EXCEPTION Expected results: The remote command should work even if you have FIPS enabled host Additional info:
A customer has reported that a workaround is to change the job category of REX jobs from "Commands" to "Ansible Commands." I have just confirmed that a REX job executed by Satellite 6.7 on a FIPS-enabled RHEL 8 content host fails using the Commands job category, but the same job succeeds when the job category is changed to Ansible Commands.
Verified on Satellite 7 snap 4, ssh type rex job is executed successfully against FIPS enabled RHEL8 host
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: Satellite 6.11 Release), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:5498