Dear Joel, We (Red Hat) have proposed this approach and several patches. They were partially integrated upstream, but to a limited extent. I understand upstream reasons to not integrate these patches fully but it's a pain. On Tue, Jun 17, 2025 at 9:54 AM Joel GUITTET via openssh-unix-dev < openssh-unix-dev@xxxxxxxxxxx> wrote: > Hello, > > We are working on a project with OpenSSH built-in with Yocto and we need > to set FIPS mode on the target. This mainly means OpenSSL V3 APIs. We would > like to propose a patch to the community so that the support is integrated > in the mainline OpenSSH source code. Limitation could be we are not able to > provide full patch but only a partial one depending of the feature we built > in the project (sshd, sftp). > > Could it be interesting by the way? Is there such initiative somewhere > that we can join to help? If we submit such patch what will be the response > of OpenSSH project? Useful or not? What is migration status to OpenSSL V3 > APIs, if such status exists? > > Thanks for the feedback. > Joel > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > > -- Dmitry Belyavskiy _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
