While trying to take attempting to open a ssh connection from Photon OS VM it fails.
$ admin@test [ ~ ]$ ssh [email protected]
ssh_dispatch_run_fatal: Connection to 172.16.0.2 port 22: invalid argument
Ping communication is OK.
$ admin@test [ ~ ]$ ping 172.16.0.2
PING 172.16.0.2 (172.16.0.2) 56(84) bytes of data.
64 bytes from 172.16.0.2: icmp_seq=1 ttl=49 time=3.05 ms
64 bytes from 172.16.0.2: icmp_seq=2 ttl=49 time=3.10 ms
64 bytes from 172.16.0.2: icmp_seq=3 ttl=49 time=3.04 ms
^C
--- 172.16.0.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
Photon OS 4.x, 5.x
This occurs on OpenSSL FIPS enabled VM.
The default cipher list used by the SSH client is: "[email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]"
The first cipher in this list, [email protected], is not supported by OpenSSL in FIPS mode. Consequently, OpenSSL in FIPS mode raises an error immediately rather than allowing a fallback to the next cipher, which causes the connection error.
Add the cipher Ciphers aes128-ctr to the ssh config and restart the ssh daemon by following the below steps
Workaround:
Open SSH connection by specifying the cipher aes128-ctr
ssh username@IP -c aes128-ctr