Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
openssh_DSA_verify_inFIPS EVP_VerifyFinal BAD SIG code:-1 ERROR
15 views
Skip to first unread message
Anamitra Dutta Majumdar (anmajumd)
Nov 13, 2012, 4:19:40 PM11/13/12
to
We are getting the following error in the syslogs
secure:Nov 9 19:32:04 cls2-pub authpriv 3 sshd[9526]: error: openssh_DSA_verify_inFIPS EVP_VerifyFinal BAD SIG code:-1
when we connect between two servers using ssh key based authentication.
This issue happens only in FIPS mode and not in non FIPS mode.
What is the root cause for this and what is the workaround.
Any pointers would be appreciated.
Thanks,
Anamitra
alan buxey
Nov 13, 2012, 4:38:55 PM11/13/12
to
Hi,
> Nonsense. No-one knows better how the code ought to be working than the
> folk who developed it. I begin with the assumption that all my coders are
i'd cite the cathedral and the bazaar ...or the 'many eyes make all bugs shallow'
views - if you are given the API and the documents, you use the code without seeing
what its doing. by looking at each library you can see what it does and how it does it
but most importantly, you can see the bugs/issues/problems.
with the closed source proprietary software you expect to get 100% perfect docs because
you cannot see the source code - you are told how it works and what to feed it. thats that.
yes, one can complain until you are blue abotu documentation - and a few comments in this
thread have certainly alerted me to some of OpenSSLs other issues - enough perhaps to look
at GNUTLS or some alternative....'ReallyOpenSSL' anyone? ;-)
alan
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org
> Nonsense. No-one knows better how the code ought to be working than the
> folk who developed it. I begin with the assumption that all my coders are
i'd cite the cathedral and the bazaar ...or the 'many eyes make all bugs shallow'
views - if you are given the API and the documents, you use the code without seeing
what its doing. by looking at each library you can see what it does and how it does it
but most importantly, you can see the bugs/issues/problems.
with the closed source proprietary software you expect to get 100% perfect docs because
you cannot see the source code - you are told how it works and what to feed it. thats that.
yes, one can complain until you are blue abotu documentation - and a few comments in this
thread have certainly alerted me to some of OpenSSLs other issues - enough perhaps to look
at GNUTLS or some alternative....'ReallyOpenSSL' anyone? ;-)
alan
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org
0 new messages